Shoulda | Openfire | Lazarus | AppArmor | tired | Titanium | Qt 


a Powerful IDE for Cross- 
Platform Development 


Making Apps Right 
on All Platforms 


Build Rich Desktop Apps 


Since 1994: The Original Magazine of the Linux Community with 


SEPTEMBER 2009 | ISSUE 195 | wwwlin 


GOOGLE CHROME 
DEVELOPERS « .Stirsien 


Best Practices 


Use tircd 
to Connect 
to Twitter 
over IRC 


TESTING EASIER FOR bh 
RAILS DEVELOPERS p ollie 


tte hn 


l 


usted 


NETWORKS 


Embedded Wirele 
Dream Machin 


RouterStation 


Featuring a fast €80VHz MIPS 24K CPU, 64M RAM, and 
+16ME Flash; RouterStation provides a excellent horsepower 
{or a vavioty of processor intensive mult-radio system: 
applications. 

Up to 8 miniPCI radios, 3 10/100 ethemet interfaces, a 5A, 
‘power supply for multiple hipower card support, USB 2.0, 
‘and enhanced temperature operating performance and 
cthomt ESD protection for carter applications. 


MSRP $59 


Pod 


ae. Ridge gS 


allt ue 


In response to the outstanding demand for our in 
OEM plato, Ubiqutl Networks announces the 
Pro, Breakthrough Prica/Parformance with a $79 L 


Pro Version Enhancements: 
+ 48V 802 Saf Power Over Ethernet 

+ 4-Port Gigabit Ethemet Switch 

+ 256MB RAM 

+ On Board SDIO Support 

+ On Board, USB 2.0, RS232/d89, and DC power jacks 


MSRP $79 


Prices in USD, Ubiquiti Networks, Inc. Copyright © 2009 All Rights Reserved. Ae www.ubnt.com 


i&T Summer Specials: 


2 Domain Names Included 
(Choose from .com, .net, .org, .biz and .info) 


= 120 GB Web Space 1 Credit to start advertising 
GB Monthly Traffic 
E-mail Accounts 

1 Easy-to-use Site Building Too! = 24/7 Customer Support 
181 Blog m ... and much morel 
1&1 Photo Gallery 


CONTENTS 2% 


lidce@ast 
Internet Solutions 
werorarencreeerers, HOT GOSSIP 


| soinco Welcome 


r 
| 


eel 
= 
= = Existing Users ptt 


MikroTik powered Hotspots around the world 


MikroTik RouterOS powered hotspots are everywhere. From Intemet cafes in desert towns of Africa, 
to futuristic airport lounges in the US and five star hotels in the Mediterranean. Mikrotik can power 
your systems too. Free evaluation installations are available in our download section. 


www.mikrotik.com 


CONTENT 


SEPTEMBER 2009 
Issue 185 


COLUMNS 


18 REUVEN M. LERNER'S 
AT THE FORGE 


Testing Rails Applications with Shoulda 


24 MARCEL GAGNE'S 
COOKING WITH LINUX 


Crass at Your Platform? 


30 DAVE TAYLOR'S 
WORK THE SHELL 
‘Messing Around with ImageMagick 


32 MICK BAUER'S 
PARANOID PENGUIN 
Apparmor in Ubuntu 9 


40 KYLE RANKIN’S 
HACK AND / 


What Really IRCs Me: Twitter 


80 DOC SEARLS’ 
EOF 


Conferences: Pro & Un 


INDEPTH 


72 OPEN-SOURCE COMPLIANCE 
Getting started guide and industry best 
practices. 

Ibrahim Haddad 


IN EVERY ISSUE 


[S_CURRENT_ISSUE.TAR.GZ 
10 LETTERS 
14 UPFRONT. 


NEW PRODUCTS 


NEW PROJECTS 


G5 ADVERTISERS INDEX 


78 MARKETPLACE 


2 ee 


HACK THIS/PROGRAMMING HACKS 


What happened to all the real Hackers? Well, they'te standing by their 
‘mailboxes waiting for next month's isue. 


In our upcoming Hack ThisProgramming Hacks isue, we've got just the kind 
of stuff Hackers like. Write your own OS, right down on the metal—virtual 
‘metal that is, using KVM. For the really brave, find out how to use Coreboot 
and get free of those proprietary 810Ses (or is that BIOSI2). Better yet, build 
Your own CPU with an FPGA. 


‘And, if you're goo goo over Google, find out how to run Android everywhere. 


4 | september 2009 wwwzlinuxjournal.com 


A MARVEL 
OF MODERN 
REENGINEERING. 


Introducing the new Dell™ PowerEdge" Server Solution, featuring a 
new generation of intelligent server processors with the Intel® Xeon 
Processor 5500 Series. And the industry's best performance 
per watt. If you thought you knew Dell, think again. 


Customized. Personalized. 
Recognized, Dell ranked #1 in 
server customer satisfaction” i 


Future proof design. Dramatically reduce 
your power consumption and run more 
efficiently in your data center. 


Fduoed dapioyient tine The wore 
only server with instant-on embedded %® 


systerns management. No media required. 


JOURNAL 


Digital Edition 
Now Available! 


Read it first 
Get the latest issue before it 
hits the newsstand 


Keyword searchable 
Find a topic or name 
in seconds 


Paperless archives 
Download to your computer for 
convenient offline reading 


Same great magazine 
Read each issue in 
high-quality PDF 


Try a Sample Issue! 
Try 2 Sample Iss 


www. linuxjournal.com/digital 


ta, 
Soat"* 


Stele 


JOURNAL 


PRINTED WITH 
IK}, 


Introducing the iX-Green Neutron Server Line 


iXsystems leverages advanced technology and system design expertis 
to minimize power consumption in al oF 

pawer saving technology, Helaing companies mini 
5 a primary server design abjective that results in 
the Tatal Cost af Ownership (ICO) of our systems, through savings on energy 
and cooling costs. 


ur servers, making us a leader in 


Given this set of initiatives, iKsystems is proud to introduce the iX-Gi 
Neutron line of environmentally fri rs within the X-Earth series 


95% aver standard 3.55 


Improved power efficiency does not mean 
compromised performance! 


IX-Green Neutron server ln 
ations. The IX-GN1208 


high per 


N2216 2U si 


sis is also equ 


sduncant pawer supply for autstan 


The iX-Green Neutron server line within the ix-Earth series isan excellent 


‘olce far HPCs, server farms, and other datacenters where space, cast, ener 

zy-effciency, and d « high priorities, By reducing your serverls) power 
tion, ya wil de f awnership (TCO) — without 
ig perfarman nviranmental im 


storage so 


lone. rune the FreeBSD Mall andi the corporate spencer ofthe PC-350 


‘he inquiry frm. One of our expert sles professional wil provide you witha customizes 
uote tat best meets your epen source hardware sluton needs 


‘200-820-85D1 


hetp:/ /www.iXsystems.com 


nterprise Servers fer Open Source 


Reged ery 


2U Ferm Fatr with 16125 SAS/SATA Ht snappabe DvD 


Intelligent. 


Current_Issue.tar.gz 


SHAWN POWERS 


There’s Chocolate 
in My Peanut Butter 


cre combinations a atl good 
GS srt Soe eto 
tran earn a chee, ie and 

fra Aladin spect 
pase oy wll ve she was pregar, ut 
the ether sm pty sure somedines inley 
pats hoppen nwo al el ogee a 
Oper urs aplertons ste Mc 
irene open see sane ch paling. 

Batre you En tase lina ours 
asynboke gest yng agai pope 
Spun aster, beth aa ae 
Fin singeatg we ook pt re obvi ee a 
the sigh steny tay of lang seas of 
feedor n theists, tht 
Imaaphor tay eel tas peop st 
ting oper sour sot in tc Wc 
ervtonents, vats aot es the for 
tig Ws in the ora at a 
bec love fr spyvare hat kegs em. Cone 
piso appleabors ke Freon Oper ag 
tn Adobe Af have done mero poets 
the vty of Lnuxon he destop than yas 
of meta aout Ts meth we fs on 
Grasrpatonn developments ad fr se of 
tswho Wark ia cosepatgm eniorent 
iam bea che io of eso, 

Rewer emer Sa out sue th 
the mest pour frm of eestor dee 
opment the Web, He shows howto tet als 
apps wih shoul an ees nared od 
that should help Ry shine. Mae! cagné as 
tothe ia of Popen pete by showing 
how to ie ope stra on he eo 
Hewat us ag sting ip a abies sey, 
whch wl all uses of ay platform to 
Cores an cht. Asa wang, fy comet 
with Marcel. youl key end chatting 
2hout Winer poly hs funy hat 

se Rankin deed san he word of 
Tutor tis month, and although tere es 
are mary rma pat Tote soesiony 
Kj decked he neeed have tn iste 
greerorlock tet window fe °M Rte 
Rankin demonstaes hon to rake tr 
nathng moe i acter chanel in your RC 
Gient Deep down, Tm abt Jesus Kile does 
inst of is conmaication via Re, but dot 
te him or el be mpossbe to work th 


8 | september 2009 wwwzlinuxjournal.com 


Although Web applications certainly seem to 
be the current trend in programming, what if you 
want a desktop application instead? Mark Obcena 
shows us Titanium, an open-source platform Web 
developers can use to create desktop applications, 
Just like their Web counterparts, Titanium applica 
tions allow for cross-platform development. 

Hf Web development isn’t your thing, that's 
perfectly fine too, Mattias Gaertner demonstrates 
Lazarus for creating platform-independent code, 
Whether you're aiming for native applications on 
Linux, Windaws ar OS X, Lazarus can do it for 
you. Ina similar vein, Johan Thelin tells us about 
Qt. Although it's most known for its huge role in 
KDE development, recent versions of Qt integrate 
quite nicely with GTK+ as well, Add to that cross- 
platform application support, and Qt continues to 
be 3 great development platform. 

Don't worry though; here's the paragraph 
where | tell you it's okay if you dan't identify 
with SISSUE_FOCUS, because we stil have a well- 
rounded magazine filed with Linux goodies. Mick 
Bauer dissects Ubuntu’s AppArmor and what 
it means for the security-minded user. Ibrahim 
Haddad discusses open-source compliance. It 
would be nice if everyone followed the rules, but 
sametimes the rules are difficult to understand 
and the procedures for dealing with them are 
complicated. Ibrahim helps us out. We also have 
an interview with the team that is working on 
Chrome, which is Google's cross-platform Web 
browser. Yes, | realize it's cross-platform, but with 
Google's recent announcement af its Chrome OS, 
Chrome is going to be an entirely new platform 
ofits own! Like all good platforms, however, 
Chrome, of course, will be based on Linux. 

0, if you still think open source has no place 
in a proprietary world or that cross-platform 
application development is a bad idea, feel free 
to burn this issue. While it's burning, you might 
want to roast a marshmallow over the fire and 
then combine it with chocolate and graham 
crackers. That combination definitely works. 
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AFunny 
Ijust found this so funny | had to share. 
MSN decided to call its search engine 
Bing. | dan’t know wha the idiot was 
who thought of this one, | know in 
Chinese Bing means “disease”, so 
Windows is admitting what itis? LOL—I 
just thought this should be shared with 
the Linux world 


Dean Hill 


Linux on the Desktop, Part I 
Lam sitting here reading the new Linux 
Journal that came today (uly 2009), and | 
‘come across ths letter to the eitor trom 
Kuimacet tiled “Linux on the Desktop?" 
where he mentions that Linux asa desktop 
‘0S has the apps, but lacks the stability. | 

lke Shawn in the response, am scratching 
my head. Typical, users fe! the opposite 
We have the stability, but lack some of the 
mainstream apps. He goes on basically 
to mention how Windoze is quirky but 
at least it works. 


Yes, when you buy a fresh new Dell ar HP, 
it just works. Those companies have taken 
the time in their shops to make sure it 
does before shipping. But, how many of 
us out there have built afresh new rig 
with Windows? Does it "just work" then? 
No. You still hve to find/nstall the newest 
<ivers and hope they have them for your 


version (Vista, XP, 32-/64-bit) Linux is 
the same way. Sure, you may have to do 
a little configuring, but you do that in| 
Windows as well. am currently using a 
(Qosmio X305-Q705 running Fedora 10, 
64-bit. And when | did a fresh instal of 
Fedora, guess what? Everything worked! 
Sound, wireless, video—everything. So 

‘Windows just works” is not a great 
‘argument. Most computers running Linux 
hhave decent support for most devices out 
of the bor. The mast really have to do is 
‘occasionally get some wireless drivers or 
the NVIDIA drivers (which have a Linux 
version) if | intend to do any heavy 
gaming, For business, you probably 
wouldn't need this. 


‘And, regarding those forums mentioned in 
the letier, in mast cases, those unanswered 
problems probably were answered in many 
‘other places in thase same forums. It just 
takes a litle looking. For “typical” users, 
how many Blue Screens of Death do you 
see in Windows compared to kernel panics 
with Linux? Linux surpasses Windows in 
stability by fay, no matter your experience 
Jevel—just my two cents though. 


cary 


(My experience has been similar to yours 
In fact, at first | thought the letter vias 
tongue in cheek, but it looks like the read- 
fer had same serious bad luck with Linux, 
Hopefully cur responses will encourage 
folks having difficulties with stability to 
take anather look at their hardware, 
because as you mention, stability is gener- 
ally one thing Linux gets very right —Ed. 


Unsung Hero 
Has anyone thought to check out the 
World Digital Library? Per the publica- 
tion The Library of Congress Gazette 
article published today (May 29, 2009) 
titled “WDL 1.0 Technical Info", the 
following might be of interest to the 
Linux community 


'm Development time: ~13 months 
Lines of cade: ~50,000 


1m Test cases written: ~600 
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1m Development platform: Linux 
1m Deployment platform: Solaris 
1m Key technologies: Django, Python, 


MySQL, Sal/Lucene, Squid Nginx, 
Seadragan 


It also provided the following | 
day statistics 


fm Page views: 7.1 million 
wm Visitors: 600,000 
fm Peak hitsshour: 32 million 


When there is a major application being 
contemplated and the IT folks all say 
Windows, maybe this will give them 
pause. The article did not give a byline 
fr mention which distribution of Linux, 
unfortunately. 


Paul F. Baltrunas 


Sadly this is one more example of the 
unsung heroics Linux is responsible for 
accomplishing. | wich “open-source infras- 
tructure" was a required course for any- 
‘one going into the I field. Unfortunately 
the implementation of open source 
generally is driven by (lack of) finances. 
Thanks for the information —Ed. 


Disappointed with KDE 4 
[recently upgraded from Kubuntu 7.10 to 
Kubuntu 8.10, and | was amazed to find 
that KDE had jumped from version 3.5 to 
version 4.2! am a really KOEsh guy, as 
the first Linux desktop | ever saw was KDE 
3.x0on Knoppix. ASa result, | learned to 
love KDE. KDE feels like home. | don't hate 
GNOME, GNOME isa great desktop, and it 
leven starts and runs faster than KDE. But, 
its less configurable than KDE, and even 
though the difference is minor, i's enough 
for me to use KDE—at least, until KDE 
4.x came along 


KDE 4.xis a major recode from the 3 series. 
For instance, the desktop now has a widget 
based setup—widgets go on the desktop, 
not fles. You want a comic strip on the 
desktop? Sure, ithas a widget for that, You 


want a battery monitor? A dictionary? A 
dock? A calculator? A 1Spece puzze? It's 
‘got widgets for those to0, Hw exciting— 
Until you remember that “widgets, not files” 
has "NOT FILES” init, No more putting icons 
rectly on the desktop, which is great, i you 
always have wanted a comic sip on the 
‘desktop. But, na files directly on the desktop 
isnt the only bad surprise that comes packed 
with KDE . It aso is much less configurable, 
because so much was recoded, the KDE 
‘coders have nat had te to readd all the 
functions of good-od KDE 3, and the config: 
tration options that go with them are all 
missing—for example, auto-hiding the Kicker 
‘You can't auto-hide the Kicker in KDE 4 at 
al, whereas KDE 3 could be set up to hide 
the Kicker as saan as the mouse left the 
Kicker and shaw it again as son asthe 
mouse hit the bottom af the screen, 


(Of course, there isa reason for al this. 
Apparently, the KDE coders felt KDE was 
‘getting behind the times, and it was time 
‘to upgrade the interface. KDE 4 has good 
desktop effects, and although | lave the 
effects and interface, for naw, KDE does it 
at the expense of everything else. 


‘Are you ready to give up your favorite file 
manager, Konqueror, for a new file man- 

ager that is missing some of Konquerar's 

‘best features? Then, upgrade to KDE 4, 


Hopefully, the KDE guys did't give up good 
features for good. 'm waiting on edge for 
KDE 5, in which, hopefully, all of KDE 35 
‘good features wil have returned. But for 
‘now, |am using GNOME, which sill has 
much more reasonable features 

Christian #. 

From Afghanistan with Love 
tim curenty inthe hills of Afghanistan and 
found that receiving snail mails very 
Lnpredictable/unreliabe, Therefore, being 
new to the Linux world, | was looking for 
‘quality reading that | could dowmload onto 
my laptop. After searching al the Web, | 
‘came to the conclusion that your subscrip- 
‘ton helped me withthe understanding of 
how Linux operates compared to the 
‘dreaded Windows and Mac environments 
ve completely removed all Windows from 
my system now. Spec thanks 90 out to 
‘the support in your subscription depart- 
ment as well | accidentally subscribed to 
the print edition, and within minutes called 
and received a subscription change. This 


allowed me to download the latest digital 
edition of your magazine. Additionally, | 
‘was able to go to the back editions of 
Linux Journal and grab all the ones that 
Interested me. Again, you guys ROCK! 
Thanks forthe great service and product! 


Stephen Alderete 


That's great to hear! Thanks for sending 
usa note, and if you have a reliable con- 
nection to the Internet, be sure to visit our 
Web site as well. There are fots of things 
‘on-line that don't make it into print. —Ea. 


Ever Mangli 
File 

Reading the December 2008 issue (ive 
‘months ltl), was somewhat amused by 
the box on page 37 "Regenerating smb cont 
in DebiantUbuntu Renstaling a package 
merely because a configuration file got 
‘mangled seemed rather unnecessary 1 
am experimenting with something new, | 
will keep a copy (such as sm conto). 
Beyond that, | keep configuration fle 
under RCS contr, so can turn back the 
Glock to any version | want 


a Configuration 


David Penman 


You certainly have best practice in mind 
when you tweak your config fils, but 
unfortunately many users de nat. Sadly | 
often fall into that category myself! And 
don't get me started on how many times 
Thave to ask users, “Do you have a 
backup?" Thankfully, Linux distributions 
generally have a way to get back to the 
defaults when we do silly things —Ed. 


Linux on the Desktop, Part Ill 
In the July 2008 issue's Letters section, 
Kulmacet commented that Linux was 
stil not a good desktop 5 and cid not 
“work” out of the box. When | hear this, 
just scratch my head. Maybe the reader 
‘was installing an older Gentoo? Ubuntu, 
‘OpenSUSE and Fedora are all mainstream 
distros and install very easily. Recently, a 
family member asked me to take a lock at 
her computer that took ages to boot up, 
{and then was so slow it was pretty much 
‘unusable. { don't have to go into the sori 
details ofall the viruses, spyware and other 
junk the scanner turned up. "Can someone 
Just make a system that works and doesn't 
get al these viuses?”, she asked. | backed 
up the data, wiped the drive and installed 
‘OpenSUSE 11-1 with GNOME, After a brief 


(LETTERS; 


tutorial, off she went. A few months later, | 
hadn't heard anything and had assumed 
Windows was reinstalled. No, she Was very 
happy, and the system was fast with no 
viruses. She even installed a new printer, 
scanner and camera, 


Not every user will have this experience, 
but! have converted quite a few friends 
and coworkers to Linux during the past few 
years. Of course, | use my knowledge and 
‘experience to get them over that fear of 
the unknown. | am sure that your readers 
could share similar experiences, 


George 


Like my previous comment, | full agree 
wth you. The reader lst manth abviousy 
had an uncomman, and unfortunate Linux 
experience. Hopefull, well all be the 

encouragement needed to ty again!—Ed. 


No More Break-Ins 
Nice arte on the WD MyBook World 
Editon [se Federico Lucited’s "Hacking 
Your Portable Linux Server” inthe July 2008 
isuel ust picked up a copy from the loca 
computer store and was happy to dscover 
that one doesn't have to break in anymore. 
“The WD software alow you to open up 
the system nowadays. | dnt know if that 
works fr all World Eitons—in particu, 
the MyBook in the atcle—however, my 
quess would be it works thee to. 


Hans Kramer 


Re: Bad Guys 
et the fist letter to the magazine that 
disturbed me go, but after reading ths 
most cent complaint, | had to wt in, 
However, in no way am attacking Linu 
Journal. Asa communist and member af 
the International Socialist Organization, | 
alas find it saddening to read ar hear 
people’ distorted understanding af com- 
munis. Francis Kahl wrote into claim 
Manes responsible for the “most homie 
dlitatorships in istry” (see the July 2009 
issue's Letters). There ae two reasons this 
is usualy a view pushed by people. Fs, 
because Marx called for the "dietatorship 
of the proletariat”; however, this in no 
way refers to an individual cctator iis 
the ruling ofthe entie proletariat over 
the bourgesisie. Second, because many 
individual dictators have proclaimed 
themselves Manists and even have socal- 
ist states. But, someone saying something 
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Fibre Channel speeds at Ethernet prices! 


Is your budget shrinking while your network storage 
needs are growing? Are you suffering from “sticker 
shock” induced by expensive Fibre Channel and iSCSI 
storage area network solutions? EtherDrive” SAN 
solutions offer Fibre Channel speeds at Ethernet prices! 
Starting at just $1,995 for a 4TB system, EtherDrive® 
is the affordable storage area network solution. With 
sustained access speeds from 200MBytes/sec to over 
600MBytes/sec, EtherDrive” SAN solutions are fast 
From a 4TB single storage appliance to multi-PetaByte 
system by simply adding more storage appliances, 
EtherDrive®’ SAN solutions are sealable. From a 
single storage appliance to a network of sophisticated 
virtualized storage LUNs, EtherDrive® SAN solutions 
embrace virtualization. 


Coupling Ethemet technology with SATA hard disk drives, 
EtherDrive* SAN solutions exploit commodity 
components to deliver affordable, fast storage area 
network solutions that keep more green in your wallet! 
Whether you use your own SATA compliant disk drives, 
or our certified enterprise class disk drives, you are in 
control! EtherDrive® SAN solutions accept standard SATA 
hard disk drives. Ethemetand SATA disk drives -two proven 
technologies in one affordable, fast storage area network 
solution - EtherDrive” 


Call 1.877.548.7200 
or vi 


International: +1.706.548.7200 


‘it our website at CORAID : 
www coraid.com ev 


EtherDrive" SAN solutions use the open ATA-over-Ethemet 
(AoE) lightweight network storage protocol. Simple. 
Easy to understand. Easy to use. AoE uses Ethernet 
to transport ATA disk commands without the burden of 
TCP/IP overhead, thereby enabling disk drives to become 
AoE devices connected directly to an Ethemet network. 
An AoE device can be a single physical disk or a logical 
device made up of multiple disks, An EtherDrive® SAN 
appliance is an AoE target device. 


Finally, an affordable, fast storage area network solution 
for your VMware” ESX 3.5 installation. The EtherDrive® 
VMware ESX Host Bus Adapter empowers ESX with 
AoE technology to deliver EtherDrive” SAN solutions for 
your VMware ESX 3.5 installation, 


Shipping EtherDrive* RAID solutions since 2004, Coraid 
boasts thousands of satisfied customers spanning a broad 
spectrum of the market including enterprise, government, 
educational institutions, and hosting service providers. 
Call today to order your EtherDrive” solution, and join 
the ranks of our thousands of satisfied customers! 


«| technology alliance 
( vware’ | partner 
ESX 3.5 compatible EtherDrive* HBA 


FRONT — 


NEWS + FUN 


WebcamStudio— 
Create Your Own 
On-line Video Show 


WHAT’S NEW IN KERNEL DEVELOPMENT 


A fe 
Rik van Riel has doubled and dou- The current version recurs mens 
bed again the amount of RAM thai all child directories, but it a back, Linux 


ly addressed in the x86 
previous limit 
cor more than 17 
terabytes. The new limit is 2* bytes, Its na longer 
terabytes. racing events are enabled and 
he Linux Pulse Per Second are not, becaus 
(Linu ct has had to reset and controlled by con 


can be dire Journal 


had a live 
streaming 
‘Linux Journal 


jdo van den Heuvel in the directory t as Steven said 
hadn't been ssion, the information (One of the frustrating things 
accepted, and neither Andrew is all there, and a script easly could about running the s! 


Morton nor Alan Cox could re 
ber any of the obj 
against it. They both rec 
ubmitting the pat 
ry least would get the folks who 


identify all configured events. As far as that it was very difficult to get 
pe ceoate yen a 00 the “studio" feel using Linux. 
As it happened, we ended up 
using a Macintosh computer 


ting, in which it had op 
ating-syster-independe the 
with a thin layer of support for 


sion—the 
signed off or 
before introducing any cade that 


Nindows and so on. And, he 
anted to know if anye 
2. Turns out several folks 


might be more controversial. He had 


also pointed out th 
abjections had b 


n fined, or thai 


e of the main ones being 


the objectors already had agreed Jeff Garzik. Jeff recommended Intel's ave anata tive 
the fix could wait. So, it looks lke a networking drivers as excell 

{good thing that Udo asked about this examples of good pra Shols now: well besshle to 
initially, or the perfectly good code ed modularzing the stream from our dearly beloved 


might be lingering stil piece of hardware would have its own 
he XCEP motherboards fram W 

IskraTel ow are supported in Linus, 
cool, because that mother- code, He also re 
d in many part ler —_general-purpo: 
jut the world, Michael 


Linux, thanks to the open: 
source project, WebcamStudio 


(webcamstudio sourceforge.net) 
WebcamStudio allows Linux 


users to stream Webcams, 


Abbot recently submitted patches it mote easily. The Application Binary “ : , 
is architecture, which runs Interface (AB), Jeff said, also should orepilcs, tert end, much mare: 
main consistent with other drivers to sites like ustream.tv. If 
ready in the kernel. Any feature jer wanted to try 
similar to something found elsewh 


your hand at a live show, be 


(auld imitate that ather interface 
Any features that were unique, on the 
tory tree. The previous ather hand, could 
ersion required that each e interface seemed bs 
d individually in 


sure to check it out. 


eate whatever suawn rowsns 
t 


14 | september 2009 www.linuxjournal.com 


NON-LINUX FOSS 


Moonlight is 
an open-source 
implementation 
of Microsofts 
Sihvertght. In 
rt familar 
wit Siveright, 
itsa web 
browser plugin 
that runs 

fic internet 
applications 

Ie provides 
features such 

as animation, 


audioWidea 
playback and 

Silverlight Pad Running on Moonlight ram wewmano-project.com) vector graphics, 

Moonlight 

proyrainming is done with any of the languages compatible with the Mono runtime 


environment. Among many others, these languages include Ci, VB.NET and Python, 
Mono, of course, is @ multiplatform implementation of ECMAs Common Language 
Infrastructure (CL), aka the .NET environment 

‘A technical collaboration deal between Novell and Microsoft has pravided 
Moonlight with access to Silverlight test suites and gives Moonlight users access 
to licensed media codecs for video and audio. Moonlight currently supplies stable 
support for Silverlight 1.0 and Alpha support for Silveright 2.0 


LinuxJournal.com 


AAs we read this month's coverage of cross-platform development, | thaught rd 
Weigh in on the Web development end of things. While | work toward a new: 
and-improved iteration of Linuxlournal.com, | must canstantly consider the 
needs of users with widely varying operating system and browser configura 
tions. Linuxiournal.com visitors are a technologically diverse bunch. As you 
might expect, the majority of our Web visitors view Linuxlournal.com with 
Firefox, but what may surprise you Is that a slight majority of those Frefox 
Users are browsing from a Windows machine. Linux and Firefox users are 
ripping at their heels though. What also may surprise you is the percentage of 
Visitors Browsing with some version of Internet Explorer, Granted, that percent- 
age has decreased during the last couple years, but the most recent numbers 
show about 20% of traffic coming from IE users, down from around 30% a 
year ago. Other browsers ike Chrome, Opera and Safari have a small but 
important constituent as wel, which makes my jab just a litle mare interest. 
ing. So, to all of you visiting us from a less-used browser, | am doing my very 
best to give you the same great experience as the Firefox majority, and to all of 
thase using IE, well, you may drive me ta drink. | stil welcome you though, 
and I will do my best to accommodate! 


(UPFRONT, 


September 2009 


1 Percent ofall wate thatis e-waste 2 


2 Percent of the ary metals in nds that ome 
fram e-wase: 70 


Number of separate lent fund in e-waste: 3 


(Percent e-waste hound freeing hat actually 
ges reyeled: 20 


5. Average numberof lecronic ms purchased 
‘er American household per yar 2 


4 Average number of books red per yearby adults 
inte US. 4 


‘Percent of ads in the US that ead er baoks 
per yar: 25 


Number a ous the 
watching TV pr day 


age American pends 
9. Number of years spent watching TV during a 
5-year: 9 


‘Average tine someone inthe US spends Web 
surfing each mont: 27:38:58 


11 Average tine someone in France spends Web 
surfing each mont: 19:16:28 


‘12 Average tine someone in Spain spends We 
suing each mont: 17:52:43 


12 Average ine someone in the U 
suing each mont: 17:36:55 


‘4 Average ine someone in Germany spends Web 


14 Average tine someone in Australia spends We 
surfing each mont 


‘7 Percent of cal adversrs on search engines 
that choose otto renew 50 


18, Percent of cal advertisers on advertising sites 
that choose otto renew: 60 


20. Change inthe debt since last month's column: 
'$152,944,501,331.18 


Swuces: 2 EA 4 Bal Convention 5 Consumer 
‘Bec Association | 67 Washington Pest 8A 
in Ca, 20 Math 10-16 Telegraph 17.18 
Tho Busins dr 1 we ili come clock 
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UPFRONT, 


Mac OS X, It’s Not Linux, but It’s Close 


entity, nat having much in comman with 

other OSes, such as Windows ar UNIX, 
which made cross-platform wark abit 
carwoluted. However the advent af the latest 
incamation of the Mac 0S, called 05 X or 
Darwin, provides a very comfartabe alterna 
tive for Linux geeks. Because Darwin is 
based an BSD UNIX, iti possible to use 
POSIA-compliant applications on the Mac. 

‘Apple provides a package called Xcode 
‘is develaper ste. Xeade has the necessary 
tools for compiling programs on the Mac, and 
it indudes a nice graphical IDE and lots of 
‘amples for developing applications for 0S X 
‘cade is based on the GNU taoket, providing 
tools like gcc, libtool, make and so an. That 
means, with Kade, mast command-line appl 
‘ations can be compiled and run on the Mac. 
So, a simple litie hello world program: 


| the past, the Mac OS was afaidy unique 


#incluge <staio.n> 

include <stdlib.n> 

int main (int arge, char **argv) ( 
printf(*HeLto Worta\n") 

, 


‘compiles fine with gc, ging you an executable 
that prints aut “Helle Ward” on the command 
line. Basically anything that's POSLK-compant 
‘ould comple and run with no sues 

Getting graphical programs to run can be a 
bit mare involved. Mac OS X does ravide an X 
‘server and all the standard developeent libraries 
you would need for a pure X11 application, 
tke Xb, However, none ofthe ether standard 
lates, ke GTK or Qt, are avalable by default 
You have to download, compile and install them 
yourself, which works fay well, but you have 
te choose the corect conbguration options and 
collec ll the requiced dependencies. But, you 
‘shouldn't need to go through so much pain 
“Two projects in active development provide 
same form af package management for GNU 
software: Fink and MacPorts, Using these, 
{getting and installing GNU software is as easy 
te do ast is with mast Linux dstos 

‘The Fink Poject stated in 2001 ads based 
(on the Debian package management system, 0 
you can use the Debian package tools tke dpkg, 
select and apt-get, making it familiar fr Debian 
based dst srs. Once the base instalation is 
‘done, you can start to instal packages. you Bke 
2 text-based manage, use dslect (Figure 1). If 
you prefer a graphical manager instead, use the 
folowing command to get synaptic Figure 2) 


sudo apt-get install synaptic 


Using these applications, you can install 
many ofthe packages you are familar with in 
Ln The package count, atthe time of this 
wating, i: 10,872. 

However, not al packages ave avalable a a 
binary install using these tos. Foe that cass of 
packages, Fok instal them direct fram source, 
‘comping and naling on your Mac. So, for 
‘ample if you want to instal ramps and do 
‘some genealogy wot, execute the follwing 


‘sudo fink install gramps 


ven instaling from source, Fink deals well 
with dependency issues, because it stilis based 
(nthe Debian package management syste. 
The MacPorts Project tated in 2002 and 
‘modios itself after the BSD port packaging sy 
term. Thus, you use the cornmand to ranage the 
packages on your system, Once you have done 


Figure 1. dselect Package Manager 


Figure 3, Anjuta IDE 
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the base instal, you can instal other software 
packages simply by runing the command 


sudo port install steltarium 


Several graphical interaces are avallable as 
well, such as Portcus. However, thase typically 
are independent projets, as opposed to the 
Debian tools avaiable in Fink. As such, their 
development cycle and behavior tend to be a 
bit more erratic and unstable than the alder 
and more mature Debian toos, But stil, they 
‘may be exactly what you're laoking for if 
you prefer a graphical interface. Like the 
Fin Project, both binary packages and source 
packages are availabe. There are 5,829 
packages avaiable in the MacPorts Project. 
‘Both projects provide acess to the fll wealth 
of open-source applications tht has been aval 
ale to Linux users, and the purer of packages 
provided by both projects cantinues to grow. 
(Once you have one, or both, of these pro: 
Jecs installed (they wil coexist on your syste, 
yo wl have al he tos necessary to do your 
‘own code development. have used anjuta 
(Figure 3) on my MacBook to develog some small 
{GNOME applications. These compile and run 
equally well on ry MacBook and my Netbook 
running Ubuntu, Although there ist binary 
compatbity between OS X and Linu, with 
source compatbily tis (at eatin theory) sim- 
ply a matter of recompiling for the other system, 
Running Mac OS X code on Linux isnot as 
ey as running Linux code on Mac O$ X. The 
real stumbling block i the graphical interface 
called Quartz on the Mac 0S. Although the 
etnel and mast a the commandline tals have 
‘been released as open source software, Quartz 
stil is dlased. At the time ofthis wring, | could 
‘not find ay references to a reverse-engineered 
‘open-source replacement far Quartz. So the 
‘nly option avalable is running 5 X inside a 
Virtual machine. Athough this is not technically 
running Mac applications on Linux, it does 
fravide the ability to run OS X on a Lux box 
“Jory nemwanD 


Resources 
‘Apple Developer Connection: 
sdeveloperapple.com 
Open-Source Apa: 
vwrwwopensource apple.com 


Fink Project: wwwfinkprojectorg 
MacPorts Project: wwnw.macports.org, 


Why Buy a $350 Thin Client? 


Vibe at a conference 
in Troy, Michigan, put on by the 
«Project, wwwltsp.org) 
ymmercial company 

\wwwdisklessworkstations.com). The 
mini-conference is geared toward people 
fering thir-clent computing forthe 

My tall 
where | have 


(On August 10, 20 


SP (Linux 


networ will be targeting education, 


One of the issues network adminis 


hen full-blow 


arth 
desktops can 
investment 

there’ really nat only one answer. Thankfully, 
LISP is 


flexible with the clients it 
avenue is chosen, it 
he advantages 
ro. The thin 
are designed to be unboxed 


so whatever 
wel, Some af 


time is almost 


lient 
and turned on. 
Because modern thin clients have no 


moving parts, they very seldom 


nd tend to use much less 


Pr 


electricity compared to desktop machine 


Top-of-thedine thin clients have sufficent 
specs to support locally running appl: 
ations, which takes load off the serve 
without sacrificing ease of installation 


They look grea 
There are some advantages to using 
desktop machines as thin clients too, 
dit possible they will be the better 
lution fora gwen instal 

Older des 
thin chents. Although a S0OMHz com: 
puter is too slow to be a decent worksta 


tion a very viable 


Netbooks lke the Eee PC can be 


thin cents and then used as notebaok 


camputers on the go. it makes for a 
ightly incarwenient desktop setup, 
but if mobility is mportant, ft might be 


It's easy to get old 


computers for 


free. Even with the disadvantages 
that come with using old hardware, 
it's hard to beat free. 

Thankfully, wth the flexibility of LTS, 


y combination of thi 
the same network 


If you're looking 
way to manage lats of client 


mputers, the Linux Termi 
might be exactly what you need. 
couldn 


hey Said It 


with a loaded Uzi 


the future to be pretty scary 


We're done with the first 80%, and well into the second 80%. 


Doing linear scans over an associative array is lke trying to club someone to death 


Getting information off the Internet is like taking 2 drink from a fire hydrant. 


Globalization, as defined by rich people like us, is a very nice thing..you are talking 
about the Internet, you are talking about cell phones, you are talking about 
computers, This doesn’t affect two-thirds of the people of the worl. 


| don't have to write about the future. For mast peaple, the present is enough like 


In Cyberspace, the First Amendment is a local ordinance 


UPFRONT 


Hardware 
Requirements: 
None 


mer of a Kindle DX. That may 
seem a bit odd, c 

much | despise DR 
selling 


sidering how 
The real 


and in full 
for the system requirements for 
the Kindle D» thinking 
it might sport Linux support), | 
was amused 
requit 

The Kindle 
self-contain 

needing to 
to a computer. Because it actual 
mounts as a USB removable 
device, it will work just fin 
under Linux. But, more interest 
ing for me is that it 
to sync at all. And, that got me 
thinking about my other elec: 
tronic devices. | have two smart 
ss that | never connect to a 
mputer. They both have the 


ever needs 


the need t 
directly 
will h ompatibility 
into the past? It 
uuldn’t be a bad thing, unle: 
of course, proprietary hardware 
ith propri 
network protacals. Luckily, 
Linux is king on the Internet, 
so we're much more likely to 
keep standards in pl 
than in the hands of Wine 
savvy develops 
y Kindle DX might h: 
the taint of DRM, but thankfully, 
for non-DRM 
rll. Although it has sup, 
port for the non-fr 
operating system, it al 
Linux. And heck, it will run just. 
fine all by itself. | figure that’s 
becaus 
its underlying 


it also has sup 


supports 


it’s running Linux as, 
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COLUMNS 


AT THE FORGE 


REUVEN M. LERNER 


Testing Rails Applications 
with Shoulda 


New to testing? Just want an easier time with Tes 


Shoulda is the answer. 


The past few months, I've been looking at a 
‘number of tools that make it easier for Ruby on 
Rails developers to improve the reliability of their 
software using automated testing. Even if you 
don't fully subscribe to the nation of test-driven 
development (TDD) or its cousin, behavior-driven 
evelopment (8DD), the fact that Ralls makes it 
s0 easy to test each part of your code makes it 
less likely that foolish mistakes will creep into 
your applications. 

8y default, Rais comes with Test:Unit, a test 
suite that makes it possible, and even easy, to check 
your code. Coupled with the test classes that come 
with actionpage, one ofthe care Ruby gems that 
comes with Rais, you can create a comprehensive 
test suite at the unit (mode), functional (controller) 
and integration (coss-controller) levels. if you have 
2 comprehensive tet suite, you easily will detec, 
and understand the implications of, changes you 
‘make to the code that break the test 

That said, Test:Unit sometimes can be a bit ver 
bose and repetitive. f you are writing unit tests, and 
you want to make sure that a particular attribute 
has been tested completely it would be nice to be 
able to express @ number of test cases quickly and 
tersely. Tests can function, in many ways, asa type 
Cf specification (ast will explain when we get to 
Spec and Cucumber in coming months) and the 
easier it isto read these specifications, the less likely 
Codd behavior isto slip through the cracks. It also 
goes without saying that the easier itis to write 
tests, and particularly comprehensive tests, the 
‘maré likely you are to write them. 

This is why Shoulda, a set of macros that work 
with Test:Unit,has become popular among Ruby 
developers in general and Rails developers in 
particular. Shoulda, developed by Tammer Saleh, a 
programmer who works for the Thoughtbot consulting 
company in Boston, is a set of macros that makes it 
easier to write tests with Test:Unit, as well as easier 
to read them. | have begun to use Shoulda with 
projects that | test with Test:Uit and have found 
it to be quite enjoyable 

This month, | take a look at Shoulda, and how 
you can integrate its macros into the tests you write 
na Rails application. | explain how Shoulda divides 
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init? 


tests into contexts, allowing you to group tests 
together even within a single file. | also describe 
how Shoulda's various macros make it easy ta run 
‘a number of tests using a single readable line. 

| should note that although Shaulda originally 
was designed to be used with Test=Unit and to 
provide something of an RSpec-like environment 
for Test:Unit users, it adds a growing amount of 
support for RSpec as well. Even if you use RSpec, 
you might want to consider using Shoulda along 
with your standard RSpec tests (ar specs). | haven't 
looked at the combination for my awn work, but it 
might be appropriate for what you're doing, 


Installation and Basic Use 
Shoulda comes packaged as a Ruby gem, and can 
be installed as: 


su foe stall thagtat-sasda —-surcesttp://gos. th. 


Earlier versions of Shaulda came packaged 
Under a slightly different name (Shoulda, rather 
than thoughtbot-shoulda). It also is possible to 
install Shoulda as a Rails plugin; in this article, | 
assume that you have installed the gem version 

You can incorporate the gem in your configuration 
file, configfenvironment. 


config. gem “thoughtbot-shoulda’ 
“meeps //gens. github com 


Tob => “shouteas 


With that in place, your Rails application 
either will run with Shoulda in place, or it will fail 
to load, complaining that the gem has not been 
installed. in one of my favorite Rails functions, 
you then can type 


rake gems:install 


land your Rails application will examine its list 
of required gems, dawnload those that are 
not yet on the system and install them in the 
appropriate places, 

Let's assume you have created a simple 
Rails application that cantains a single model 
that describes people. You can create it in the 


following way. 


rats simple 
ca simple 

‘Jecrigt/gmerate model Person foretnane:text Lastnane:text 
“irthaatecdate grate schoolsinteger ne nurber:tect 
enasaddressstext 

rake doimgrate 


At this point, you now have a simple Rails appi- 
cation (using the bult-in default database, SQLite) 
with a single model defined. By creating your model 
with a generator, you get the following simple unit 
test file 
require ‘test hetper 
class PersonTest « ActiveSupport 
# Replace this with your real tests 
test "the truth” 20 


Testcase 


end 
end 


True, you can invoke rake test on this, and 
the tests will succeed, but that's because the test, 
‘s completely empty. You can write: 


rake testsunits 


but the success won't really tell you much, other 
than the fact that you need to write some tests. 


Testing with and without Shoulda 
Now comes the hard part. What sarts of tests da 
you want to write? Well, that depends on the 
Canstraints you have put an your madel, typically by 
using ActiveRecord validations, 

Specifically, you presumably will want to make 
sure that the people have a first and last name, 
and that their grade in school (for the purposes of 
demonstrating some additional testing) is greater 
than O and less than 13. You will want to make sure 
that the person's birth date isin the past. You also 
will want to make sure that every e-mail address in 
the system is unique to avoid having more than one 
person with the same e-mail address 

In the model file itself, the validations will ook 
like this: 


cs Fern < detivebecars tse 
valiaates presence of frst, 
validates uniqueness of cena attrese 
vatantes rmercalsty.of grain scat 
‘sweater than or equal = 8, less tuner egal ta = 13 


If you simply were using Test:Unit, you probably 
would want to test each of these validations. This 
has less ta do with testing the validations and mare 
to do with ensuring that your code meets the 
specifications you have laid out. (If tests were only 
2 means af checking the correctness of your code, 
you could make a pretty good argument against 
tests for these validations, because ActiveRecord 
already has a fairly extensive test suite.) 

If you were to try to test this line: 
valicatas presence of firstname, lastname, :enatl_adress 
you would need to iterate aver each of the three 
fields that are mentioned, checking to see whether 


Listing 1. person test 
require 'test_helper 


lass PersonTest < Activesupport: :TestCase 
# Replace this with your real tests. 
‘test "working person” do. 
person = Person.new(:firstnane => ‘First’, 
lastname => ‘Last! 
"foobexanple.can’. 
rade_in_school => 16) 
assert person.valia? 
end 


sena\l_adsress 


test "person must have first mane" do 


person = Person.new( =firstnane 
lastname => ‘Last! 
lena\1_adiress => 'fooBexanple.con’, 
-grade_in_school => 18) 
assert person. valid? 
end 


test "person must have Last mane" do 


person = Person.new(:firstnane => ‘First’ 
Slastnane =>", 
lena\l_address => 'fooBexanple.con' 
rade_in_school => 19) 
assert Iperson.valia? 
end 


‘test "person mst have e-mail address" do 
person = Person.new(:firstnane => ‘First’, 
lastname => ‘Last! 
senail_address => °° 
rade_in_school => 16) 
assert Iperson.valia? 
end 


ene 
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the model would be valid if one of these were 
missing. See Listing 1 for an example of what 
person_testrb, the file that contains the unit tests 
for the Person abject, would look lke just to test 
the need for each of those 

But, you lose something in creating these 
verbose tests, Instead of functioning as a checkup 
fon your code, and as a specification of sorts for 
What you intend to do, these tests become verbose, 
repetitive and dificult to read. 

With Shoulda installed, you now can remove all 
of the test cases that are shown in Listing 1, replac- 
ing them with one simple invacation: 
stellt preset tiation, :lastne, smatasess 

Shoulda comes with a large number of macros 
that can help you test your ActiveRecord models 
in this way. For example, you can test all of the 
validations defined for the Person model using 
Shoulda macros: 

Shute yates preset tise, ashame, eal sess 
Srulataateqanes emi atest, 

vathate nasal ot sere stot 
sare alge grate sah, (1.12 
:locgesige => mst te eer tan ae 19 
cn pesage = ust te Tee an ar egal to 2 


Notice how the Shoulda macros’ names reflect 
the names of the ActiveRecord validators. This 

was done after Shoulda was first released, which 
means that some of the dacumentation you see 


Not surprisingly, Shoulda’s authors 
make it possible for you to create 


your own macros, much as you 
might create your own validator 


method for an ActiveRecord class. 


an-line might be slightly out of date and include 
deprecated macro names. 

‘Also notice that in order to ensure that, 
grade_in_school is numeric and that it is within 
a certain range, conditions that are set by a 
single validation line might sometimes require 
mare than one Shoulda macro. In the particular 
case that | demonstrate here, there was a sur- 
prising mismatch between the error message 
that Ralls gave to Shoulda and the message that 
Shoulda was expecting, in checking to see that 
the person's grade in school is in an acceptable 
range. In the end, | got araund the problem 
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by telling Shoulda what messages to expect 
from Rails. Although this is more verbose than 

I might have liked, it demonstrates the flexibility 
Shoulda offers. 

Not surprisingly, Shoulda’ authors make it 
possible for you to create your own macros, much 
{as you might create your own validator method 
for an ActiveRecord class. | don’t go into creating 
such macros here, but its farly well documented, 
and it means you can create a large number of 
tests, package them together under a single 
Shoulda macro and then use those tests (via the 
macro) across one or more projects. 


Tests and Contexts 
Already, you probably can see how Shoulda macros 
can reduce the amaunt of cade you need to write 
Shoulda also provides an RSpec-lke facity that 
makes it possible to name tests using strings, rather 
than method names. Granted, ths s now included 
in Test:Unit, albeit using a sightly different syntax 
But, you can define tests using the should keyword, 
rather than test, which adds a bit of readabalty— 
especially when used in conjunction with contexts, 
which I describe below. 

Here, | create a single method in the model, 
fullname, which returns the concatenation of the 
person's first and last name: 


det fullname # added to app/models/person.rb 
“e(tiestnane) #(1astname)" 
eng 


Next, | add a new test 


soule “return the concatenation of the first ad last ane” do 


eran = Perse. :tirstnane => “Firat 


lastnane = “La 
ay L_airess = “nat Leraplecon") 


sssert_eual person. fullone, 
ec 


“first Last™ 


Now, there's nothing wrong with this test. It 
not only passes, but it also does a goad job of 
checking that you are getting the right values 
back. Maybe it's just me, but | sometimes end up 
with very long lists of tests and end up categoriz- 
ing them using comments inside the test fie 
Shoulda provides contexts that let you group 
tests within your file, using code rather than 
comments. It's obviously a bit silly to have a single 
context and a single test, but as with many things 
in the TDD/BDD world, it’s worth doing things 
Fight even from the beginning, because you know 
that your codebase will grow over time, making it 
difficult to organize things correctly. 


super powered sites in the world 
are created in Drupal, by you a, 


(EU LOOKT new Lultabot Leaming Series training DVDs at Lullabot.com 
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To define a context, you merely write: 


context "Defined methods" do 
# should” blocks go here 
end 


{In other words, you now can rewrite the test 
block as: 


et srece => “entrap 


With a context block and a should black, you 
now can read your test as, "Defined methods 
should return the concatenation of the first and last 
name.” It's nat the mast amazing description in the 
world, but it's not 2 bad start. And besides, now 
you can add additional should blacks to test other 
defined methods. 

A context may contain other contexts, as well as, 
should blocks. This means that if you have a partic- 
Larly complicated madel you want to test, you can 
have a hierarchy of contexts, with should blocks at 
the bottom. 

Moreaver, using a context block means that 
you can write a setup black, which defines vari- 
ables and atherwise allocates resources that will 
be used inside a should black. You could, for 
instance, now write: 


2Scer_ equal dpeson full, "eeperson. teste) 
‘perso. astray 


As you can see, variables that are shared between 
‘a setup block and a should block need to be instance 
variables, their names preceded by an @ sign. 

When a test is invoked, all the setup blacks 
within all ofits surrounding contexts are invoked 
first. This means if a should block is within three 
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nested contexts, and if each of thase contexts 
has its own setup block, all three will fire before 
the test is executed, 


Conclusion 
H you are using Test::Unit to test your Ruby on 
Rails application, Shoulda is a natural fit, allowing 
you to write a large number of common tests 
Using flexible, easy-to-read macros. In this article, 
| cover uses of Shoulda anly for ActiveRecord 
models, ather parts of Shoulda work with 
controller tests, praviding additional features 
that can be of use for testers, 

From my perspective, using Shoulda is a 
no-brainer. | have used it in a number of projects 
already and found that it further lawered the 
threshold ta TDD/8DD, helping make my code that 
much more reliable. If you are new to testing, 
Shoulda is @ great way to get started, providing 
fan easy way to increase the stability and correct- 
ness of your code. Allin all, Shoulda is a great 
resource for Ruby programmers in general and 
Rails programmers in particular 
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Resources 


‘The home page for Shoulda is thoughtbot.com/ 
projects/shoulda. The documentation here is @ 
{good starting point, but you probably will need to 
play with ita bit to get the hang of things. Even 
the small prablem | described above, in testing 
the minimum and maximum ages for a person, 
showed that you still might need to poke through 
the documentation to understand things fully 


‘A PDF cheat sheet for Shoulda is at 
kylebanker.com/assets/content/2008/ 
shoulda cheat _sheet.pdf, and the popular 
cheat sheet program for Ruby programmers also 
has an entyy: cheat.errtheblog.com/s/shoulda 


‘The following area few interesting blog posts about 
Shoulda that also can provide some useful ideas: 
pragdave.blogs.pragprog.com/pragdave/ 
2008/04/shoulda-used-th. html, 
giantrobots.thoughtbot.com/2009/2/3/ 
speculating-with-shoulda and 
www.alexjsharp.com/2008/10/15/ 
shoulda-painless-unit-testing 
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MARCEL GAGNE 


Cross at Your Platform? 


Open protocols, baby- 


's the only way. If you need to carry on an 


instant-messaging conversation, why not do it in the privacy of your 


own server? 


Without a doubt, | am impressed by your dedica- 
tion to open standards of cammunication, Francois, 
but this isa litle crazy—not that crazy is beyond 
you, mon ami, but you are an the verge af aut- 
doing yourself. Smoke signals? In the restaurant? 
Yes, | realize it's an ancient form of communication 
suitable for short messages, and | am willing to let 
you try many things for the sake of open source 
{and open standards, but | must say no to fires in the 
restaurant—unless yau are making créme brilée, of 
course. Besides, smoke signals require line of sight 
for meaningful communication. Even if| could allow 
it, it just won't work in the restaurant. 

‘Quoi? What about your instant-messaging 
service? You promised your cousins you'd set up 
something? No problem, Francais, !'ve got some- 
thing an tonight's menu that will do the job 
nicely. Now, please clean up this mess quickly. 
(Our guests will be here momentarily. Hurry! | see 
them approaching now. 

Welcome, mes amis, to Chez Marcel. Forgive the 
mess. My faithful waiter is taking care of it. In the 
‘meantime, please find your tables, sit down, and 
make yourselves comfortable. Francois, as soon as. 
you are dane, please go down to the wine cellar 
and bring back tonight's wine. We have a case of 
2007 Jean-Max Roger Sancerre Cuvée les Caillottes 
Sauvignon Blanc from the Loire Valley in the south 
‘wing. This is @ great medium-bodied white, mes 
amis, crisp with great citrus flavor. Enjoy! 

Francois and! | were discussing open instant mes- 
saging when you arrived. If widespread acceptance of 
a technology by businesses large and small constitutes 
a serious technolagy, then instant messaging is all 
{grown up now, Although great for casual, always-on 
Conversation, instant messaging, or IM for short, has 
‘moved firmly into the corporate network infrastruc- 
ture, IM allows you to remain in contact with your 
fellow workers, team members and so on by carrying 
‘on short, angaing conversations. And, its good for 
family and friends as well 

Here at Chez Marcel, we believe strongly in 
‘open source and open pratocols, and that philoso- 
phy also extends to instant messaging. if you've 
used any kind of instant messaging, you know there 
are many providers and many protocols—all of 
them using proprietary standards, There is, hawever, 
a teal industry standard known as XMPP (extensible 
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‘messaging and presence protacal). I's more 
commonly knawn as Jabber, and it's used by many 
companies and organizations. Jabber/XMPP is the 
protocol used by Google Talk.) 

From a business standpoint, Jabber should be 
your clear IM choice. Because Jabber is an open 
protocol, it doesn’t belang to anyone in particular, 
so there is no single campany driving its destiny. 
Your business won't get locked down by proprietary 
formats, Jabber also uses a decentralized approach, 
so the system is more rabust. Best of all, any 
company can run its own private, secure, standards- 
compliant, Jabber instant-messaging server for litle 
(oF no cost for the software. One of my favarite 
Jabber servers comes fram a company called Jive 
Software. It's called Opentire, and it's completely 
open and released under the GPL. 

Getting an Openfire Jabber server up and running 
starts with a vist to the Jive Software's Ignite Realtime 
community site at www.igniterealtime.org, 
Click on Products, then select the Openfire Jabber 
collaboration server link (at the time of this writing, 
the version number is 3.6.4). live and Ignite 
Realtime have many products listed on the site, 
and all of them are meant to enable collaboration 
land communication, but | concentrate only on 
COpentfire here. The package comes in an RPM format 
package as well as DEB. There's aso a tarred and 
{gzipped bundle that should work in enviranments 
Where RPM or DEB might be an issue. Installing 
either version of the package is easy. To install the 
RPM package, type the following: 


sudo rpm -i opentire_3.6.4-1.4386.rpe 


If you choose to use the Debian package, you 
can instal it with: 


sudo dpkg -1 openfire 3.6.4 all.aeb 


If you need to use the tarred bundle, extract it 
in the /opt directory. This is the installation folder 
for the RPM package as well. Openfire files and 
programs wind up under fopvOpenfire. One plus 
of the RPM package is that it comes with the Java 
Runtime Environment (IRE) If you choose (or need 
to use) the tared bundle, you also need version 1.6 
Java RE loaded on your system. Java is, of curse, 


available from java.sun.com. Debian (or Ubuntu) 
ers also need an installed Java JRE. in addition, 
that whole thing about everything in /opt doesn’t 
apply to Debian users. 

The installation process takes anly a few seconds 
on modern systems. You'll see a litle message that 
Setting up Openfire" followed by a couple 

essages advising you that a new user is 
boeing added (named Openfire) and that the server 
i starting. And, that’s pretty much it. The final part 
of the installation, which invalves canfiguring the 


server, takes place using your Web browser. Th 
server takes only a few seconds to initialize, and the 

installer automatically starts the server. Of course, if 

this is @ new install, there are a few more steps, and Figure 1. There are only a few steps to installation, and one 
those are done via your Web browser. The Opentire of the most important i database setup 


interface runs on port 9090, 
to the following address. 


server administrativ 

So point your brows 

http:/facathast:909¢ which it operates, The 9090 port is the default, 
‘A short question-and-answer setup session fol along with port 9091 for secure cannections to the 

(ows. You are asked for your preferred languag server. Unless you have a good reason, it probably 

choices include French, English, German, Spanish makes sense to accept those defaults 

and six others, Click Continue, and next screen is the databa: 

Fully qualified damain name and 1). Openfire supports several database 


Expert included. 


‘Meet Victoria on the right), She the Slicon Mechanics marketing expert resnosile forthe events ana promotion that keep ou customers 
Informed about excivng new products and technologies. She’ pictured here with her twin sister Veronica an ndustral designer to help us make a 
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workload, 
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avaiable withthe R&410-18. Unmarched density and state-of-the-art 


processors make the A410 a superior noice for high-performance SiLiconm 
‘computing, and Vitoria spreading the word with enthusiasm MECHANICS 


When you partner with Silicon Mechanics, you get more 
than the latest and greatest in density, performance, and 
energy efficency—you get an expert ike Victoria, 


For mora lnformation shou the Racor ere RA 
ek waslconmechaniscommastD 
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architectures, including PostgreSQL, MySQL, Oracle 
land others. Each of those requires some external 
setup, but the documentation covers that well f 
your needs are modest, select the embedded 
HSQLDB database included with Openfire. 

For many, the builtin database will suffice and 
serve modest requirements well. In a larger office 
environment, or if you expect to have many users, 
you should use one af the other database options 
(Figure 2). Read each line carefully, because you 
need to enter the database name, user name and 
password to continue. 


Figure 2. Several popular database formats are supported in 
‘dalton tothe bul-in database 


Next, choose where to store your user profiles 
You can select the Openfire database (the easiest 
choice), an existing directory server (such as an LDAP 
server) or ve's Clearspace social business software 
Click Continue, and its time to set up the admin 
account (cleverly called admin). Provide an e-mail 
address for the admin user and a password, and 
click Continue. Congratulations! You have a running 
‘Openfire XMPP (or Jabber) server. Tiss the last 
time you wil see the setup screen. Fram now on, 
when you click on the Web server address, you'll be 
at the Admin login screen. To go there now, click the 
Login to the admin console button an the page 

‘A quick note on procedure: f you just go ahead 
and click that button, you may find that you cant log 
in immediately via the admin console. Here's a tp. 
Befare doing anything ele, reload Openfire’s canfigu- 
tation by typing Fetc/init.d/Opentire restart 

At this point, you don’t actually have to do 
anything else. Using your Jabber client of choice, you 
‘jn create an account and start using the server. For 
instance, with Pidgin, the GNOME multiprotocol 
instant-messaging client, you could click Accounts to 
bring up the Manage Accounts dialog, and click the 
‘Add button. This brings up the Add Account win- 
dow (Figure 3). From there, select XMPP from the 
Protocol list, choase a user name, then enter your 
servers domain name and select a password. Now, 
look at the bottom of the window shown in Figure 
3. There’ a check box labeled Create this new 
account on the server. Be sure to check that box 
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Qeresi pha 


Figure 3. Setting Up a Jabber Account Using Pidgin 


When you click the Add button, anather windaw 
‘appears, and this one asks you to validate the SSL 
certificate from the Openfire server. Click Accept, 
and another window appears to confirm your 
registration. Enter your authentication information 
(user name, password and e-mail address), then 
click OK, The server finishes your registration, and 
you'll get a successful registration box. Click OK, 
and that's it. You'll be back at the account listing 
screen at this point, but not lagged in, so click the 
enabled button, and you shauld be ready to start 
building your buddy list (Figure 4), 


atl, | ao | ower 


Figure & Logging in with Pidgin is done by enabling the 
account under the account manager 


(ver in KDE-land, we have the Kopete multiproto- 
col instant-messaging client. The registration process is 
‘mila. From the main Kopete window, click Settings, 

then Configure. Fram the configuration window, select 


‘Accounts from the left-hand sidebar, then cick Add 
‘Account on the right. You'l see a window asking you 
to choose from ane of many instant-messaging prto- 
cobs. In this case, select Jabber, then cick Next. This 
takes you to step two, the account information win- 
dow from which you can register your new account. 
‘There ae four tabs here, but you need to concern your- 
self only with the Basic Setup at this ime. Enter a Jabber 
(Din the format of username@yourjabberserverddom, 
click the Remember Password check box. (assuming 
you don't want to enter it each time you log in), 
and enter a password. Now, click the Register New 
‘Account button. A Register New Jabber Account 
dialog appears (Figure 5) epee ng 
Everything here should be filled in properly 4 
Confirm the password, then click Register. Back 
at the Account Information window, click Next, 
and then click Finish to wrap it up. You should 
be logged in to your new Jaber/KMPP account 
automatically and ready to chat. You aren't limited 
to chatting with users only on this server. You 
can chat with any other person using Jabber IM, 
including people using Google Talk. Some enterprise 
applications even are including Jabber servers and ‘Figure Setting Up a Jabber/XMPP Account with Kopete 
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chat clients into their software. 

By default, access is open and anyone may 
register. If you are running a private, corporate 
serve, this may not be what you want to do. Securing 
access is dane through Opentire's administrative 
Web interface, which provides an easy way to 
administer all of Openfire's functions. 

Administrative tasks are organized behind a 
system of tabs, with functions organized into major 
categories, Those tabs then can be broken up into 
subtabs. For instance, to add users manually, click 
the Users/Groups tab, then select Create New User 
from the menu, and enter the information directly 
into the Web form (Figure 6). You can add, modify 
or delete users, organize them into groups and 
‘more. The User Summary screen makes it easy to 
check your users’ on-line status, whether they are 
logged on and when they last logged out. 


Figure 7. Define the rules by which users can (or can't) 
register with the system, 


Figure 6. Creating and motilying users also can be done via. 
the Web interface. 


| started out by telling you that any and all users 
‘were allowed to register an account by default, and 
that’s all well and good, but it may nat be what you 
want. To cantral access to certain IP addresses (@ 
local area network, for instance) or whether public 

registration even is allowed, click the Server tab and 


The cool thing about plugins is 
that you can install them on the 
fly on the running server. 


select the Server Settings subtab. Next, chaose 
Registration & Login from the menu an the left. This 
page lets you configure the rules that govern user 
registration (Figure 7). 

‘What seers so simple to your instant-messaging 
users actually is a fairly complex and exceedingly 
powerful collaboration server. The administrator has 
extensive control over Openfire's operation, from 
server-to-server communications, message audit 
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Figure 8, The plugin lst wil make you feel tke a kid in a 
candy store. 


polices, the treatment of messages sent to off-line 
Users (stored, by default), private data storage, file 
transfers, security settings (this includes encrypted 
communications) and a lot mare. Opentire also is 
extensible with added functionality provided 
through a system of plugins (Figure 8) 

The coo! thing about plugins is that you can 
install them on the fly on the running server. There's 
Asterisk VoIP integration, various filters, e-mail 
listeners (to alert users when new messages arrive, 
a live Web-based chat response system (as on 
customer support sites), content filters, a SIP phone 
plugin, monitoring extensions and lots more, To 
install other plugins, click the Available Plugins link 
to see whats available. Each plugin is listed with 
2 description of its function, so you can decide 
whether it's something you need. Adding plugins 
also changes the administrative interface by adding 
new tabs—you aren't going crazy, the interface 
really is changing before your eyes. 

Then, there are chat rooms. We all love group 
chats, or conferencing, if you prefer. Permanent chat 
rooms can be created where users can gather for gen- 
eral meetings or predefined functions. Rooms can be 
customized to define the maximum number of users, 


opentire 


Figure 9 Openfire lets you create custom. permanent chat (or conference) rooms 


password protection, public vs. private, 

What users can da in 

the room is moder 

history and mi 
You can define administrators 

‘according to their Jabber IDs, specify 


who ca 
owners, memb s 

Remember, me and open 
protocols, open standards and open 
source are the reasons why you shauld 
‘consider Jabber for your instant-messaging 
needs. Furthermore, with a cool, open: 
source product like Openfire, your 
company or organization's server pract 
cally is begging for you to give u 
proprietary instant-messaging nonsense 
and move to Jabber/XMPP. 0; 
standards and open protacals mean you 
aren't lacked in to this or any Jabber 
ion. It also means your data 
will be yours, 
s great business sense 
Heck, it makes great sense, period. 

Well, mes amis, that clock is busy 
reminding us that cl 
again here. Now that you've go: 
access to a great instant-messaging 
system, we can keep in touch lang 
after we leave each other tonight 
But, let's nat rush our departure quite 
yet’ There is still more wine, and | 
know that my faithful waiter, Francois, 


ig time is once 


would love nothing more than to refill 
everyone's glass a final time before we 
say goodbye. Until next time, pl 

mes amis, raise your glasses and let 
us all di 

Avot 


to one another's healt 
santé! Bon appétitim 
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Resources 


Kopete: kopete.kde.org 


(Opentire Server at Ignite Realtime: 
www.igniterealtime.org/projects/ 
openfire/index.jsp 


Pidgin: www pi 


Marcel’s Web Site: marcelgagne.com 


Cooking with Linux: 
cookingwithlinux.com 


WETL Bytest: wétlbytes.com 


And choosing 
Linux should 
never limit your 
technology 
options. 


We have 

more than 

500 Service 
Providers 
serving more 
than 12 million 
end-users in 
125 countries 
with our Linux- 
based solution. 


Talk to the 
people who 
know Linux. 


Talk to 
Parallels. 
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DAVE TAYLOR, 


Messing around with 
ImageMagick 


GUIs? We don’t need no stinkin’ GUIs; we've got ImageMagick. Work 


with images from the command line. 


've written previously about working with 
‘graphic images within shel scripts, and obvious it's 
a litle bit tricky because, well, scripts generaly are 
strongest working with text, and you can't even see 
‘graphics, let alone manipulate them directly. Further, 
Jet's be candid, the suite of utilities included with a 
stock Linux/UNIX system doesn't include much that 
help you work with graphics or image files at all 

Fortunately theresa splendid open-source package 
called imageMagick, which actually is designed to 
make working with image files fram the command 
line easy and fast. It's the smart back end to a 
bunch of image utilities, and with a quick trip ta 
www.imagemagick.org, you can download it too. 

A couple different steps are involved in installing 
it, and this time, 'm actually going to play with my 
Apple MacBook Pro and install the utilities to live 
within the Darwin world af Mac OS X 


Installing ImageMagick in Darwin/NetBSD 
Since 99% of the time that 'm using my Mac | am. 
logged in as taylor, 'm going to opt to drop the 
software into my own personal bin directory rather 
than the more standard location of /usr/localisre 
(with the binary in Astlocalfsin). t might be that fm a 
long-term UNIX geek or something, but {have my own 
~/bin (or SHOMEsbin, if you prefer) directory anyway, so 
once the binary fle was downloaded, here's what | dic: 


ar ef /Downoads/nageagick-1386-sople-darwid 6.8. tar 


Because this particular distro includes pre- 
compiled binaries, it’s as easy as just tweaking 
a few environment variables to add the unpack 
directory and proceed: 


‘export MAGICK HOHE=*/Users/taylor bv Inazehagick-6.5.2 
export. PATHE" SHAGICK HEME /:SPATAY 
export BYLO_LISRARY PATH="SHAGICK, HOE 


These are best added to your ~/-profile or 
~/eshe (you're using Csh, but why would you?) 

£0 that theyre invoked each and every time you log 
in or, in the case of the Mac environment, span 
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‘new Terminal shell 
t's a good idea to test the newly installed 
programs too. Find a if, jpg or png file and see 
what the imageMagick identify program says 

Here's how | did that: 


find mane “png” 2 rane °* pg" 0 nae “1 
ghon-18. 008 

S sdetsty tune ong 

tehane- png PMG ATONE ATOAIZEVEG B-bVE 


It's more useful than the file command, 
which reports: 


fie pei 
oon. PAG igh eta, EL, cor, n-ne 


Where identity really shines is with JPEG files, 
Which the file command can't quite seem ta figure 
‘out. Why that's true, I don't know, but that short- 
coming is the main reason | have ImageMagick 
installed on my system, 


Doing Something Useful with 
ImageMagick 
(One of my hobbies is photography, and as a parent, 
[Hind that | frequently end up as the “official” pho- 
tographer for school events. | recently did just that 
for my daughters May Fair event, and | ended up 
with about 500 5-8MB image files that were great 
{or printing (about 4,200x2,800) but not so good 
for viewing on the computer screen. What | wanted 
to do was create images that were approximately 
1,024x800 or thereabouts, so that they'd view at 
100% on a typical computer screen, in a directory 
that paralleled the original image file directory. That 
way, parents could view a slideshow of the smaller 
images and then grab the identically named big 
image if they wanted to upload it and order prints 
With imageMagick, this is easy. In fact, if | 
wanted to use the mogrify command, | could have 
very easily done everything in a single command, 
but because | like obscure, complicated solutions 
rather than simple, elegant ones, | decided to use 
the convert command instead. 


The challenge is that, like everything else in 
ImageMagick, the canvert app has @ staggering number 
of different command flags. Type convert, and you'll 
see what | mean. 

Digging through them, here's the flag | want to use: 


sresize geometry resize the image 

That sounds ke what we need is to resize the images, 
though “geametry" is still a bit of an unknawn. Now it time 
to pop over to the ImageMagick Web site, where we find 2 
ton of options for geometry, including: 


1m scale%; height and width both scaled by specified percentage, 


tm scale-x96xscale-y94: height and width individually scaled by 
specified percentages. 


width: width given, height automatically selected to 
preserve aspect ratio, 


tm xheight: height given, width automatically selected to 
preserve aspect ratio, 


1 Widthsheight: maximum values of height and width given, 
aspect ratio preserved. 


‘Te accomplish the conversion we want, we simply can 
specify the desired width and let the utility do all the work: 


S ideneity osc_7661P6 
5C_7466.1FG 


612648 42BE.2EAAOO 

S convert -restze 1624 OSC_7466.1PG snaller-0S¢_7466.1°G 
C7466. 

val er-DSC_7466.16 JPEG 1624x680 Le2UxS20H@+0 B-D1t 

sworrectClase 776kb 


‘As hoped, the 4,288x2,848 image is shrunk down to 
1,024x680, and the new, smaller image is saved with the 
new filename. 

Great! A quick mkdir smaller, and we're in business, so | 
utlize a shell fr loop to iterate through the 500 images: 


for tilenane in *.png 


convert -resize "S04" $filename snaller/Sfilenane 


‘Once you've gone through the hassle of installing the 
ImageMagick program, it's delightful to see how easily many 
different tasks can be accomplished. 
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MICK BAUER 


AppArmor in Ubuntu 9 


Psst! Your Ubuntu system has been secretly hardened with AppArmor! 


Three years ago, | devoted a couple columns (in 
the April and August 2006 issues of L)) to Novell 
AppArmor, a partial implementation of Mandatory 
‘Access Controls (MACS) that Novell had integrated 
into SUSE Linux as part of its acquisition of 
Immunix. Novell also had released AppArmor's 
source cade under the GPL. | expressed hope that 
‘ther distributions soon would offer AppArmor as 
‘an easier-t-configure alternative to SELinux. 

The good news is, during the three years since 
| wrote those articles, both Ubuntu and Mandriva 
have incorporated AppArmor into their respective 
distributions. Although until recently Ubuntu 
hasn‘t provided very much documentation on its 
AppArmor port—one might even characterize 
Ubuntu's AppArmor adaption as stealthful— 
AppArmor actually has been in Ubuntu since 
Ubuntu 7.10 (Gutsy Gibbon). In fact, | men- 
tioned this inclusion in these very pages in the 
April 2008 issue, in my article “Security Features 
in Ubuntu Server 

‘At the time, | commented that due to its lack of 
AppArmor GU! tools or dacumentation, AppArmor 
in Ubuntu 7.10 appeared to be targeted at expert 
users. With Ubuntu 9.04, I'm happy to report 
that although Apparmor in Ubuntu stil is configured 
strictly via the command line, it's naw amply 
documented and cames with a useful set of 
default profiles 

The bad news is in late 2007, Novell laid off all 
four of its full-time AppArmor developers, raising 
serious questions about the future of AppArmor 
(see The Future of AppArmor sidebar), 

Being a security goon, I'm not optimistic by 
nature. However, | do believe in making hay while 
the sun shines. a compelling tool is available to 
you in Ubuntu 9.04, you should take advantage of 
it and nat worry about whether that tool will be 
available in Ubuntu 11.04—unless, of course, that 
tool requires an enormous investment in your time, 
attention and thought. 

But AppArmor, unlike mast other MAC mech- 
anism, is not such @ tool. As | explain in this 
month's averview of AppArmor in Ubuntu, for 
many applications, you don't need to da anything 
to enable or configure AppArmor protection. For 
thers, AppArmor essentially can train itself in 
protecting them, 

So, let's take look at AppArmor in Ubuntu. 
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AppArmor Review 

In case you missed my earlier articles on this topic, 
AppArmor is based on the Linux Security Modules 
(SMS), as is SELinux. AppArmor, however, provides 
only a subset of the controls SELinux provides. 
Whereas SELinux has methods for Type Enforcement 
(8), Role-Based Access Controls (RBACs) and 
Multi-Level Security (MLS), AppArmor provides 
only 2 form of Type Enforcement. 

Type Enforcement involves confining a given 
application to a specific set of actions, such as 
‘writing to Internet network sockets, reading a specific 
file and so forth. RBAC involves restricting user 
activity based on the defined role, and MLS involves 
limiting access to a given resource based on its data 
classification (or label). 

By focusing on Type Enforcement, AppArmor 
provides protection against, arguably, the most 
common Linux attack scenario—the possibility of an 
attacker exploiting vulnerabilities in given application 
that allows the attacker to perform activities not 
intended by the application's developer or adminis- 
trator. By creating a baseline of expected application 
behavior and blocking all activity that falls outside 
that baseline, AppArmor (potentially) can mitigate 
leven zero-day (unpatched) software vulnerabilities 

What AppArmor cannat do, however, is prevent 
abuse of an application's intended functionality. 
For example, the Secure Shell daemon, SSHD, is 
designed to grant shell access to remote users. if an 
attacker figures out how to break SSHD's authenti- 
cation by, for example, entering just the right sort 
Of gibberish in the user name field of an SSH login 
session, resulting in SSHD giving the attacker a 
remote shell as some authorized user, AppArmor may 
very well allow the attack to proceed, asthe attack’ 
outcome is perfectly consistent with what SSHD 
would be expected to do atter successful login, 

Hf, on the other hand, an attacker figured out 
how to make the CUPS print services daemon add 
a line to fetc/passwd that effectively creates 2 new 
User account, AppArmor could prevent that attack 
from succeeding, because CUPS has no reason to 
be able to write to the file etc/passwd 


AppArmor on Ubuntu 

In SUSE's and Ubuntu's AppArmor implementations, 
AppArmor comes with an assortment of pretested 
profiles for popular server and client applications 
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The Future 
of AppArmor 


‘AppArmar has been adopted as the 
‘default Mandatory Access Contol 
‘solution for both the Ubuntu and 
Mandriva distributions. ve sung its 
praises before, and as evidenced by 
weiing my now third column about 
it cleary 'm stl a fan. 


But, you should know that Apeaemar's 
future is uncertain. In tate 2007, 
Novell lad off ts full-time AppArmor 
developers, including project 
{founder Crispin Cowan (who 
‘subsequently joined Microsoft 


‘Thus, Novall’s commitment to 
‘AppArmor is open to question. It 
‘doesn't help that the AppArmor 
Development Roadmap on Novals 
Web ste hasn't been updated since 
2008, or that Novel hasnt released a 
new version of AppArmor since 2.3 
Bota tin Jy 2008, nearly a year ago 
at the tine ofthis wring 


But, AppArmors source code is GPL 
with any luc, this apparent slack in 
‘AppArmor leadership soon will be 
taken up by some other concerned 
party-—for example, Ubuntu and 
Mandriva developers. By incorporat- 
Ing AppArmor into thelr respective 
‘distributions, the Ubuntu and 
Mandriva teams have both committed 
toat least patching AppArmor against 
the inevtable bugs that come to ght 
in any majar software package. 


Given this murky future, is it worth 
the trouble to use AppArmor? My 
answer is an emphatic yes, for a 
very simple reason: AppArmor is so 
easy to use—requring no effort for 
packages already having dstibution- 
provided profes and minimal efor. 
to create new profles—that there's 
no reason nat to take advantage 
Cf It for however long it remains 

an officially supported part of your 
SUSE, Ubuntu or Mandriva system. 


and with simple tools for creating your 
‘own AppArmor protiles. On Ubuntu sys- 
tems, most of the pretested profiles are 
enabled by default. There's nathing you 
need to do ta install or enable them, 
Other Ubuntu AppArmor profiles are 
installed, but set to run in complain 
mode, in which AppArmor only lags 
unexpected application behavior to 
/var/lag/messages rather than both 
backing and lagging it. You either can 
leave them that way, if you're satisfied 
with just using AppArmor as a 
watchdog for those applications 
(in which case, you should keep an 


eye on Nvar/log/messages), or you can 
switch them ta enforce mode yourself, 
although, of course, you should test 
thoroughly first. 

Still other profiles are provided by 
Ubuntu’s optional apparmor-profiles 
package. Whereas ideally a given 
‘AppArmor profile should be incorporated 
into its target application's package, 
for now at least, apparmor-profiles is 
sort of a catchall for emerging and 
Tiot-quite-stable profiles that, for whatever 
reason, aren't appropriate to bundle 
with their corresponding packages. 

Active AppArmor profiles reside in 


‘Table 1, Ubuntu Packages Having AppArmor Profiles 
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Jetclapparmor.d. The files at the root ofthis directory 
are parsed and loaded at boot time automaticaly 
The apparmor-profiles package installs some of its 
profiles there, but puts experimental profiles in 
/usr/share/doc/apparmor-profiles 

The Ubuntu 9.04 packages shown in Table 1 put 
corresponding profiles into /etc/apparmord 

if you install the package apparmor-profiles, 
you'll additionally get default protection for the 
packages shown in Table 2 

The lists in Tables 1 and 2 are perhaps as notable 
for what they lack as far what they incl 
Although such high-profile server applications as 
BIND, MySQL, Samba, NTPD and CUPS are repre 
sented, very notably absent are Apache, Postfix, 
Sendmail, Squid and SSHD. And, what about 
important client-side network tools like Firefox, 
Skype, Evolution, Acrobat and Opera? 

Profiles for those applications and many 
more are provided by apparmor-profiles in 
Jusr/share/doc/apparmor-profilesextras, but because 
reside there rather than /etc/apparmord, 

jectively disabled. These profiles are 

disabled either because they haven't yet been 


Updated to work with the latest version of whatever 
package they protect or because they don't yet 
provide enough protection relative to the Ubuntu 
AppArmor team's concerns about their stability. 

Testing and tweaking such profiles is beyond th 
scope of this article, but suffice it ta say, it involves 
the logprof command. 


Creating AppArmor Profiles 

Ata high level, creating @ new AppArmor profile 
involves creating a deny all policy and then running 
that profile in complain (log-oni) mode; running 
your application in as typical a fashion as possible, 
Using the resulting log messages to loosen up the 
profile enough (but only enough) for the application 
to work properly, and setting the finished, tuned 
profile to enforce mode. 

Apparmor, through its genprof and logprof 
commands, walks you through this entre process 
interactively 'm not going to cover the process for 
tweaking existing AppArmor profiles with logprot 
logprof sessions are very similar to genprot sessions, 
50 if you're comfortable creating new profiles, it's 
easy to tweak existing ones. (See Resources for 
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Listing 1. A Shell Seript Needing AppArmor Protection 


#/bin/sh 
+ 
# spaztacle.sh : archives /var/spaetzle to specified tar-tile 


tar -cf $1 /var/spaetzte 


more information on the latter) 

So, let's walk through the process of creating 2 
new AppArmar profile. For this example scenario, 
let's start with a simple shell script, spaztacle.sh, 
that could use some protection. Listing 1 shows 
the script itself. 

‘As you can see, this script allows users to create 
a backup archive of the directory Nar/spaetzle, using 
the archive filename specified in the command. 
line (for example, spaztacle.sh mybackup. tar) 
To create an AppArmor profile for it, run the 
following command: 


bbash-$ sudo genprof spaztacte.sh 


What follows is an interactive question-and- 
answer session in which: 


1. genpraf creates a new AppArmor profile for 
spaztacle.sh, containing a simple "deny all 
access" policy. 


2. genprof loads the new policy in complain 
mode and prompts you ta start the application 
ina separate window (this is your first oppor- 
tunity ta demonstrate normal application 
activity to genprof) 


3. After you've demonstrated the application 
sufficiently, genprof analyzes the messages the 
new profile generated in /var/log/messages. 


4. For each lag message, genprof asks what sort 
of rule to add to your new AppArmor profile to 
account for the behavior that was logged. 


5. Alter all lag messages have been analyzed, 
genprof allaws you to repeat the test/analyze 
cycle, which may or may nat result in additional 
rules for the profile. 


6. When you're dane with the testing/log-analyzing 
cycle, genprof saves the profile and loads it in 
enforce mode, You're done! 

‘A full genprof sessian is too lengthy to list and 


dissect here, but we can discuss same highlights 
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from my sudo genprof spaztacte.sh session 
that illustrate haw the pracess works 

First, I'm asked whether genprof should query 
the AppArmor profile repository at opensuse.org, 

I select d to disable repository access. 

‘Next, I'm prompted to run my application. So | 
open anather xterm window, and from my home 
directory, run the command spaztacle.sh 
arf.tar. That command results in the file arf.tar 
beeing written in my home directory, as expected. 

Back in the genprof session, | type s to begin 
scanning the system log for AppArmor messages. 
genprof asks me whether and how to allow /bir/tar 
to be executed, This, of course, is the core 
function of spaztacle.sh, so | type i to cause 
tar to be allowed, “inheriting” the same profile 
2s spaztacle sh itself. 

Next, I'm asked whether to allow /bin/dash to 
run, Because spaziacle sh is a Bourne shell script, it 
needs to be interpreted by /bin/dash (an Ubuntu 
9.04 /birdsh actualy isa symbolic link to fbir/dash) 
I type a to allow /binvdash to run. 

Then, 'm asked whether spaztacle sh may read 
itself—that is, usr/bin/spaztacle.sh. This is an 
expected part of the script-parsing pracess, | type a 

For now, there are na further log messages 
to process, so genprof prompts me to save the 
tweaked profile and asks whether to scan for 
more events, Before answering, | switch to my 
other xterm window, change my working direc- 
tory to /home/mick/Public, and run the command 
spaztacle.sh anothertar.tar. 

‘Sure enough, back in the genprof session after 
| type s again, there's a new set af “complaints 
to process. The first cancerns whether spaztacle.sh 
(actually tar) can read /etc/group. 'm given the 
‘option af allowing access only to /etc/group or of 
enabling the abstraction called nameservice. 

Abstractions are groups of commanly accessed 
profile abjects that constitute common system 
functions and services, such as checking file per- 
missions, loaking up hostnames and so forth. In 
this case, | select the nameservice abstraction and 
type a to allow it. 

Next, genprof asks me whether ta allow only 
write access to the (new) file anothertar.tar, or to 
Use some sort of wild card (“glob” in AppArmor 
parlance). Because | want users to be able to 
Create arbitrary tar archives in their respective 
home directories, | type n to specify a new glob, 
and specify /home/** 

In AppArmar profiles, ** is a wild card that 
means “any string, including /". This is in contrast 
to *, which means “any string up ta and excluding 
2/ and anything after it”. Therefore, /hone/** 
means “everything within /home/, including all 
subdirectories of its subdirectories” 


Listing 2. The Finished Profile 


# Last Modified: Mon Jun 15 21:29:38 2099 
include <tunables/glabal> 


Juse/bin/spartacte.sh { 
#inelude «abstract ions/base> 
#include <absteact ions/naneservice> 


Ibinseash ix, 
Iosn/tar rix 

owner /hame/** a, 
Juse/bin/spaztacle.sh 
Ivarfspaetzie/ 
Iwar/spaetzie/** ¢ 


This implies that users might be able to write files to other 
users’ home directories, but AppArmor cantrols augment 
normal Linux filesystem permissions; they don’t replace them, 
In our example, therefore, users will be able to wnte to other 
other users’ directories only if those directories’ permissions 
are set accordingly. 

In fact, our /home/** rule actually reduces the number of 
places spaztacle sh can create tar archives. Without this rule, 
spaztacle sh can write in any directory in which the user exe 
cuting it has write privileges, not just subdirectories of /nome. 

There are just two more lag entries to account for. One 
concerns read access to /varlspaetzle. | type a to allaw this 
access. You might be tempted to create a new glob instead, 
(var/spaetzie/**, but as it happens, tar handles the direc- 
tory itself and its contents separately 

Therefore, only after creating the rule allowing access to 
‘Narlspaetzle and being prompted for a decision an allowing 
access to the file ar/spaetzle/arttxt, will | type n, create the 
new glob /var/spaetzle/** and allow access to it 

Finally, we've reached the end of the new AppArmor 
events in /var/lag/messages. When genprof asks me what 
to do after saving the changed profile, | finish the genprot 
session. genprof puts my new profile into enforce mode, 
reloads it and I'm done! Listing 2 shows the result, 
Jetc/apparmor.d/ust.bin spaztacle sh. 

Happily, if | run spaztacle.sh again, it stil works. But, is 
AppArmor doing anything? | can make sure the new profile 
is loaded with this command: 


bash-§ sudo aa-status 
Here's part of its output: 

apparmor module 4s loaded 

26 profites are loaded 


13 profiles are in enforce mode 
use /sbin/cland 
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Just/sbin/cupsd 
just /bin/spaztacte.sh 
teal 


Great! The spaztacle sh profile is loaded in 
enforce mode. Besides shawing what profiles are 
leaded and in what mode, aa-status also lists which 
processes are being protected actively. Because 
spaztacle sh isn't actually running at the moment, 
it doesn’t turn up in aa-status' output as an active 
pprocess, but that's okay—normally you'd expect 
server daemons, not commands per se, to turn up 
in that part of aa-status’ output 

There's just ane more test we'll da to see if 
AppArmor is doing its job. The mare astute among 
you may have noticed that there's a glaring flaw in 
my litle shell script (Listing 1). Because | didn’t 
contain $1 in quotation marks, its possible for a 
mischievous user to execute spaztacle.sh like this: 


bash-§ spaztacle.sh *tarfile,tar /ete/apparaor.a/* 


When the tar command in spaztacle expands the 
command input, it will correctly interpret tarfletar as 
the target file, but will include not only Aar/spaetzle 
but also /etc/apparmord/ in the tar archive! On the 
‘one hand, local file permissions still apply. This 
‘works only if users in question have read access to 
Jetc/apparmotd, which means that although they'te 
‘ticking spaztacle sh, they aren't copying anything 
they'd otherwise be unable to get at 

But an the ather hand, this is unexpected 
behavior for my unfortunate script. | don’t want 
users to be able to include arbitrary directories in 
their authorized backups of /var/spaetzle, 

So I'm glad to see that if | actually try running 
spaztacle.sh that way with my new AppArmor 
profile in enforce mode, this is the result, 


tari /ete/apparmor.d: Cannot open: Permsston dented 
tari Error exit delayed from previous errors 


The following message also has been written to 
Narhogimessages 


Jun 16 01:17:43 myeksbox hernel: (S7354,414867) type=i5@3 
uci (1245133663 528-1804): operation inode. permission” 


Success! AppArmor has correctly identified bad 
behavior on spaztacle.sh’s part. And, the intended tar 
file (tarfiletar) not only was created, it also contains 
the backup of Marfspaetzle that | did want the user 
to be able to create—only the unexpected part of 
spaztacle-sh’s activity was blocked. Success indeed! 
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Conclusion 

Using genprof may seem a little invalved, but the 
man pages for genprof, logprof and apparmor.d 
explain mast of what you need to know. The tutori- 
als listed in Resources should be helpful too. | hope 
Ive covered enough here to get yau started using 
AppArmor an your own Ubuntu system!m 
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Resources 


bodhi zazen’ “Introduction to AppArmor” for Ubuntu 
‘ubuntuforums.org/showthread,php?t=1008906 


Official Ubuntu AppArmor User Guide: 
bnttps://help.ubuntu.com/9.04/serverguide/C/ 
apparmorhtm! 


Oficial Ubuntu AppArmor Overview: 
www.ubuntu.com/products/whatisubuntu/ 
serveredition/features/apparmor 


Ubuntu Community AppArmor Documentation: 
hhttps:/help.ubuntu.com/community/Apparmor 


"AppArmor s Dead” (Blog Post by Russell Coker) 
cetbe.coker.com.au/2008/08/23/apparmoris-dead 


"Go Ahead, Make My Day" (Response to Coker by 
CCrspin Cowan}: blogs.msdn.com/crispincowan/ 
archive/2008/09/02/go-ahead-make-my-day.aspx 


Novell AppArmor Developer Roadmap: 
developer.novell.com/wiki/index.php/ 
Apparmor dev 


Miscellaneous, Interesting AppArmor Notes on the 
Ubuntu Wik: https://wiki.ubuntu.com/AppArmor 


“The OpenSUSE Projects AppArmor Page: 
en.opensuse.org/Apparmor 


"Security Features in SUSE 10.0” by Mick Bauer, L 
‘Apnil 2006: www.linuxjournal.com/article/8783, 


"An Intraduction to Novell AppArmor” by Mick 
Bauer, Li August 2006: www-linuxjournal.com/ 
article/9036 


"Secuty Features in Ubuntu Server” by Mick Bauer, 
‘Api 2008: wwwwlinuxjournal.com/article/10012 


However you get there, get there 


Because some events are just too important to miss 


Cybersecurity threats are recession-proof. Even in challenging times 
you can davise ways to do mare with less to defend your organization 
against increasingly sophisticated attacks. We wil help you achieve 
this goal at SC World Congress 2009, 


Youll develop cost-effective strategies to solve cybersecurity problems 
while immersing yourself in the atest inteligance and practical 

tactios dalivered by leading independent experts. Experience the 
newest solutions, free keynotes and a host of other activites 


‘secutity education across four 
dedicated tracks 
‘expert speakers with global 
perspectives 
showcasing the best 
information security tools 
to find the 

Industry's most innovative new companies 

to network with your peers and 
earn continuing education credits from (ISC)* 


October 13-14 at the Sheraton New York 
Hotel & Towers in New York City 


REGISTER NOW to attend 


po and ke 


for the full ind, for a limited time, qualify 


cary bird discount 
ess 
Oe 


Visit www.scworldcongress.com. 


COLUMNS 
HACK AND / 


KYLE RANKIN 


What Really IRCs Me: 


Twitter 


In my never-ending search to do all communications through the 
same IRC client, this month | present tircd—a great way to connect 


to Twitter over IRC. 


{In last month's column, | talked about the fact 
that | thought IRC was the ideal interface for quick 
communication with my friends. | keep an IRC 
session running at all times within a screen session, 
so | can continuously lurk in all af my channels 
Because many of my friends use IM instead of IRC 
though, I've had to figure out ways ta manage all 
of my communication without having a ton of 
different programs open. Last month, | discussed 
how | used Bitlbee so | could access ail sorts of IM 
services fram my IRC client, and | promised that in 
the follow-up column, | would talk about haw to 
do something similar for Twitter. 


A Quick Twitter Rant 
In case you didn't read last month’ Point/Counterpoint 
column, let me summarize my opinion here. | 
don’t see the point of Twitter. | think everything 
people use Twitter for already could be achieved 
with IRC and instant messaging without the 
character limits. Again, IRC is my ideal way to 
communicate, but naw some of my friends 
(ahem Bill) talk more on Twitter than they do on 
IRC. So after much prodding from Bill, | bit the 
bullet and registered a Twitter account sa | could 
see what the fuss was about. 

‘Now, just because | had a Twitter account didn't 
‘mean | was going to flaad the Internet with every 
‘meal and traffic jam in my life. My main require- 
ment for setting up the account at all was that | 
could access everything via IRC. That way, Twitter 
was nathing more than another IRC channel, only 
with higher latency and lower stability. Ta be 
honest, | mostly use it in "read-only" mode and 
just read other people's tweets. 


tired to the Rescue 
Itturns out I'm not the only one wha wanted to 
access Twitter aver IRC, and in fact, quite a few dif- 
ferent programs out there provide a lacal IRC gate 
way to Twitter. Unfortunately, none of the programs 
hhave been packaged for my distribution yet, so after 
struggling to get a few running, | finally found one 
with a reasonably simple install that worked: tired 
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tired isa simple Perl script that works much like 
Bitlbee. When you start the program, it creates a 
new IRC server on your lacal machine that you can 
connect to with an IRC client. The only difference 
is that it interfaces with your Twitter account, so 
people you follow show up as users in the channel, 
and their tweets show up as normal chat messages. 
Once yau ate in the channel, everything you type 
becomes a new Twitter message as well, so it 
behaves much like any other IRC channel 

Ta instal tired, frst go to the main project page 
at code.google.com/p/tired, and download the 
latest versian. As with many Perl scripts, tired makes 
use of some CPAN modules yau might not have on 
your system, so dust off your Perl programmer hat, 
{and type the following command as raat to install 
the CPAN modules: 


# cpan -1 POE POE:=Fitter::IRCD Net Twitter 


IF this is the first time you've used CPAN on 
your system, you frst will have to go through a basic 
PAN configuration process, soit knows which 
mirrors to use and whether you have any proxies in 
place. Apart fram when you choose the mirrors, the 
Gefauit settings should be fine, and when you select 
the mitrrs, simply pick a few that might be cose by 

Once the CPAN modules are installed, extract 
the tired package in some ditectory (your home 
directory works), and then change to that directory. 
You'll see that only a few files are inside: 


§ tar xzvt tired v8.7. tar.gz 
5 cd tired 

Sis 

ARTISTIC GPL tircd.cfz tired.pl tired.pod 


tied includes a sample configuration file that is 
heavily commented, so you can see what each 
option does. The default settings should work in 
‘most situations, unless you already run a local IRC 
server (such as Bitbee in my case). If you do run 
another IRC server, change the port setting in the file 
{rom port 6667 to port 6668 so it won't conflict. 


Start and Connect to tired 
To start tired, simply execute the tircd.pl script and pass the 
path to the tired.cfg file as an argument. Because | was already 
in the tired directory, could type: 
§ tired pt .stired.ets 
You should see a number of lag messages scroll by in the 
terminal, and if you want to use the terminal far something 
else, don't forget to add the & character at the end to start 
this in the background. Now you might be wondering how 
you enter your account information. All of this is set when you 
Connect to the local server. Just use your Twitter user name 
and password as authentication. For instance, an mast 
command-line IRC clients, you would type: 


‘server localhost 6667 twitter password twitter username 


{In my case, as | already had Bitlbee running on port 6667, 
| connected to part 6668: 


‘server localhost 6668 twitter password twitter usernane 


‘Once you are connected to the tired server, join the #twitter 
channel, tired automaticaly imports 


Advanced Twitter Channels 
One of the more interesting aspects af tired is that you 
can set up multiple channels with only certain users in 
it. This can be useful if you follow a large number of 
accounts and want to organize them. Simply /join a new 
channel an the tircd server, and use /invi te to add those 
particular users to that channel. Now, whenever those 
Users update their status, it appears both in twitter and 
in this new channel 

You also can use new channels for custom search queries. 
Again, /join a new channel of any name, and then use the 
/topic command to change the topic to the Twitter search 
query you want to use, All of the results of your search then 
‘appear in the channel 

‘Okay, | admit it, Twitter isn't so bad when you can access it 
inside IRC. | stil think i's easier and faster to chat with people 
‘over IRC, but with tired, can find out what Larry King and 
Oprah had for lunch in my localhost #twitter channel and chat 
with all the great people in the official #linuxjournal channel 
all fram the same clent.m 


‘le Rakin isa Snir Systems Adnan th So Fania Bay Area and he abr oa 
umber of booksincng asp acks and unt acs ely Meda es cunt 
‘he presen oft North Bay ur User Grp. 


everyone you are following, so they 
show up as users in the channel, and you 


also wil see their recent posts. Any users 
that follow you back are voiced (+). 


Using IRC Commands with tired 
tired warks with a subset of traditional 
IRC commands, so itis pretty intuitive if 
you already are familiar with IRC. Your 
last Twitter status shows up as the topic 
of the #twitter channel, and if you want 
to update your status, all you have to 
do is type 2 message in the channel. IF 
you want to send a direct message to 
other users, simply send them a private 
message. Likewise, if they send you a 
direct message, it shows up as a private 
message in IRC. 

There are two different ways to follow 
fr remove users. Fst, you can follow or 
remove them from the Twitter site ar from 
any other Twitter client, and you will see 
‘thse users join or leave your #twitter 
channel. Second, you can use the /invite 
|RC command followed by the users 
Twitter user names to folw them. To 
remove them, all you have to dois /kick 
‘them from the channel. f you want to 
block users completely, just use /ban, and 
use /unban to unblock them. if you want 
‘to get information about a use, you can 
use the standard IRC /whois command, 
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NEW PRODUCT 


Ksplice Uptrack Service 


‘Across the pond at Germany's big LinuxTag event, Ksplice unveiled Ksplice Uptrack, a new service that installs security 
‘and bug fixes on a running kernel without rebooting. Ksplice, whose technology was developed at MIT, claims to be 
the only solution that allows this application of updates without rebooting. Currently availabe for Ubuntu 9.04, 
Uptrack supports generic, virtual and server kernels. It also works in VMware, Xen, Virtuazzo or other virtualized envi- 
ronments. Although the initial release is 2 consumer-oriented solution, an enterprise solution is expected in Q3 2008. 
[See the August 2009 issue for a feature article on Ksplice.] 


www.ksplice.com, 


Fixstars’ CodecSys CE-10 H.264 Encoder 


other Cell-based platforms, The latest solution is the CadecSys CE-10 product, a faster-than-real-time 


tencader cards and workstations. The PS3 is connected via Gigabit cable. The H.264 format allows for 
half the size of MPEG2 for DVD and TV broadcasting while retaining equivalent quality 


us.fixstars.com/products/codecsys 


Entuity’s EYE NPE 


Entuity’s new network management solution, Eye of the Storm Network Professional Edition (or EVE NPE 
for short) is now available. The company says that EYE NPE offers “enterprise functionality ata price point 
previously reserved for workgroup-class tools" and adds “revolutionary technology for the mid-market" 
regarding automation, accuracy and deep functionality. Other product advantages include automatic surveying 
‘of networks in real time, an intelligent view af abject connecthity, root-cause analysis and a broad range of 
configurable thresholds. Furthermore, rather than a device-centric approach, EYE NPE includes userconfigurable 
views that represent any logical collection of devices or segmentation of the network. The solution runs on 
RHEL Server, VMWare ESX Server and Microsoft Windows Server. 


www.entuity.com 


mimio Studio 


Ksplice 


The company Fistars (formerly Terra Soft of Yellow Dag Linux fame) keeps cranking out juicy goodies for the PS3 and 


1.268 video 


encoder that runs off alive USB stick or CD on the Sony PS3 using a microversion of Yellow Dag Linux. as its lve OS. 
Inthe solution, the P53 acts as an external accelerator, encoding video files sent from the host PC, replacing expensive 


compression to 


® 


enturty 
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Justin at the education desk is mimia Studio 6, the latest release 
of mimio’ interactive teaching software. The application is one 
celement—together with the mimio Interactive System, a projector 
and mimio ink Capture Kit—in a system of presenting interactive 
lessons to students in schools. One can interact directly with the 
system, as well as import a wide vanety of extemal media. New 
features in version 6 include support for multimedia files, a gallery 
for fast lesson creation and a slimmer toolbar. Interesting for 
Us Linux geeks is that the system now works with Linux and 
Mac 05 in addition ta Windaws, enabling a lesson created on 
fone platform ta run on all three 


NEW PRODUCTS 


CodeWeavers’ CrossOver Linux, CrossOver Mac 


Building on numerous improvements in the Wine Project, CodeWeavers has released version 8.0 of its popular CrossOver 
Linux and CrossOver Mac products. These products respectively transfarm Linux and Mac OS X inta Windows-compatible 
‘operating systems for selected applications. Both products, says CadeWeavers, include support for Internet Explore 7, 
(Quicken 2009 and performance upgrades for Micrasaft Office 2007, particularly Outloak. In addition, users wil find that 
many other previously supported applications will eun much faster and more stably. The company further offers that all 
of its products are significantly less expensive than the cast af a Windows license, allowing users economically and 
legally to eliminate the need for Microsoft Windows. (And there was much rejoicing.) 

www.codeweavers.com 


cross zover Linux 


Opera Unite 


‘The company Opera (of browser fame) says that is new Opera Unite is 3 new technology 
that wil shake up the old client server camauting model of the Web and "decentraize and 
‘democratize the coud”, Essential, Opera Unite isa Web server an the Wet browser. It 
tumns any computer into both a cent and a server, allowing it to interact with and serve 
content to other computers rectly across the Webs, without the need for thic-party servers. 
For consumers, Opera Unite offers greater control of private data and makes it easy to share 
data with any device equipped with a Web browser. For Web developers, Opera Unite ser- 
vices are based on open Web standards, and creating a full Web service is as easy as coding 
‘a Web page. Currently, Opera Unite offers six services file sharing, Web sever, media payer, 
photo shating, "The Lounge” chat service and “The Fridge" message exchange. 
unite.opera.com 


Green Gadgets for Dummies (Wiley) 


Greening your gadgets and lifestyle can be not only fun but money-saving as well Such is the motto 
Cf Joe Hutsko's new book Green Gadgets for Dummies from Wiley, a ttle billed as a frienly reference 
for exploring the environmental and financial benefits of green gadgets. Green gadgets encompass 
‘everything from iPads to energy-efficient home entertainment devices to solar laptop chargers and 
‘rank:powered gizmos. The baok explains haw to research green gadgets, calculate energy consump- 
tion, make a smart purchasing decision, use products you already own in a more environmentally 
friendly way, and bid farewell to electrancs that zap both energy and money. Finally, the book covers 
product labels and how to avoid “greenwashing” —that is the overseling of environmental benefits 
‘www.wiley.com 


Green Gadgets 


CoroWare’s Explorer 


CoroWare Technologies announced the Explorer, an all-terrain robot designed and optimized for 
conducting R&D into new robotic applications that operate in unstructured, outdoor environments. 
Built on a ruggedized chassis, the Explorer functions well outside the lab, navigating rough terrain and 
resisting environmental elements. The Explorers camera, wheel encoders and GPS enable the robat to 
‘examine the environment while the fuly articulated fourwhee! drive ensures the Explorer can navigate 
‘curbs, steps and inclines, By including a 2.0GHz PC-class processor, BOGE disk storage space and 
Ubuntu Linux with support for Player Project pre-installed, Explorer is ready to support any software the 
developer desires. Explorer comes standard with fourawheel drive, 802.11n Wil, GPS and 1600x1200 
color camera. Expansion capabilites exist via extra USB, RS-232, digital VO and analog inputs. Options 
include wheel encoders, a panftit/2oom camera and a 64-bit dual-core motherboard, 


‘www.coroware.com/explorer 
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BN ven rrosecis 
Fresh from the Labs 


Linux-MiniDisc—(Almost) Full 
MiniDisc Support for Linux 
‘nttps/wiki phys fu-bertin de? 
linux-minidise/doku.php 

If you've got a stack of MiniDiscs ying 
around rotting, because you hate 
rebooting into Windows just to have 
basic access to your hardware, others 
‘exist who share your pain. One of these 
people is Adrian Glaubitz. Acrian sent 
me an e-mail, saying the following: 


Almast all newer MiniDisc 
\Walkmans made by Sony and 
‘other manufacturers have a 
UsB-connectar that allows 
download and upload of audio 
tracks and data to the 
MD-Walkman from a PC. 
However, since Sony is also a 
major record label, thas adopted 
a sophisticated system of DRM 
protection that requires 3 prop 
etary software from Sony called 
SonicStage, which runs on 
\Windows only, even the latest 
Wine version is notable to run it 
smoathly enough to allow transfer 
fronvta an MD-Walkman 


Being a passionate Linux user since 
1998, Adrian was annayed by always 
having to reboot into Windows to do 
anything with his player. There were 
Linux projects around, but they never 
allowed him to do much more than 
control his player—audio transfers were 
impossible. Adrian then decided to start 
this project, together with a friend who'd 
been working on parts of Wine for years 
(a great exercise in reverse engineering), 
and now the project has almost 20 
people (some from older/defunct 
MiniDisc projects) contributing to the 
program in some form ar anather. 

Installation First, there are many 
strange library requirements to take care 
Cf, so jump into your package manager 
to grab these elusive creatures (they 
might have different names in your 
distro, but the following at least 
should give you a clue) 


vbgtd-cev buvld-essental glib? 6-209 
seLiomacd-dey Liteerypt-dev emake Linsax-dev 
stitnerypté Librerypt-dey cake 


‘The Linux MiniDisc Project now is atthe point 
cof basic GUI interaction and functionality with 
your player—a major milestone for previously 
neglected MiniDise users. 


Tech heads should have a look at some of the 
Adaltonal coneoe tals available for further 
vice wrangling 


To download the source, grab the 
repository using git. Open a terminal, 
and enter a directory where you won't 
mind the source being saved. Now, 
enter the following command: 
$ 00 cee 0/86. sysh tra et ucnise 
This project is broken down into two 
major parts: libhimd (the library) and 
QHIMDTransfer (the GUI application). 
Let's campile both of them at once. 
Change into the linux-minidise directory, 
and compile the program with the fol 
lowing commands: 


Sed Linux-minidsse 
S cnake 
$ make 


Take note of the . character after 
‘emake; it's not a misprint, and you'll 
need it! Once compilation has finished, 
change into the QHMDTransfer directory 


44 | september 2009 www.linuxjournal.com 


and run the program, lke so: 


5 ca hinoTranster 
5 ./QHiMDTranster 


Usage Once you're inside the applice 
tion, you need to mount your MiniDisc 
device before you can browse it, upload to 
itor download from it. f you don't have a 
MiniDisc device, but you're stil interested 
in exploring this program’: features, there's 
an image you can use to simulate the 
device available on the given wiki page, 
‘along with instructions. When you have 
your device maunted, click Fil=Connect, 
‘and choose the falder under which your 
(Minibse player is mounted. 

IF all goes well, your player's contents 
will came up in the main window. From 
hhete, you can choose to copy to or from 
the player with some fairly abvious| 
cues from the GUI (its a pretty basic 
interface). For those interested in doing 
more with their MiniDisc players, there 
are also tools like himdtest in the 
libhimd directory for things like track 
uploading, encryption info and so on 

For the mament, yau can upload 
only MP3s and unencrypted PCM files 
‘as WAVs, but the team is working an 
total functionality. As Adrian told me: 


We ate now very confident 
that soon we will have finished 
completely reverse-engineering 
the necessary protocols and file 
formats, so that there will be 
complete support for MiniDisc 
‘on Linux without any limitations 
by DRM, which ate imposed by 
the original bloated Windows 
software. Once we have a first 
stable version, a frend af mine 
who is a Debian developer will 
help get the software into 
Debian and make it avaiable to 
all DebiarvUbuntu-users, 


| hope they do. The mare niche hard: 
ware that’s supported by Linux, the more 
‘aur OS will be known for hardware- 
friendliness. Adrian tells me that he's also 
chasing some Qt programmers who can 
spruce up the GUL a itl, so if you're a 
programmer on the lookout for a project 
to contribute to, give him a shout, 


SocNetV—Social Networks 
Visualizer 
socnetv.sourceforge.net 
According to SocNet\'s Web sit: 


Social Networks Visualizer 
(SocNetV) is a fleible and user- 
friendly too! for the analysis and 
Visualization of Social Networks 
It lets you construct networks 
(mathematical graphs) with a 
few dicks on a virtual canvas or 
load networks of various formats 
(Graphviz, GraphM, Adjacency, 
Pajek, UCINET, etc) and modify 
them to suit your needs. 


‘The application can compute 
basic network properties, such 
as density, diameter and dis- 
tances (shortest path lengths), as 
well as more advanced structural 
statistics, such as node and net 
‘work centralitis (Le, closeness, 
bbetweenness, graph), clustering 
coefficient, etc. 


| tried reading that a few times and 
my brain exploded, so | thought Id 
ive ita look and find out just what it 
was all about and explain it in human 
language. What | discovered was a 
deceptively simple yet sophisticated 
program that organizes collected data 
in very cool ways. Now, | must state 
from the outset that it has nothing to 
do with sacial networking in the guise 
‘of MySpace, Facebook and so on 
(although you could use it for plotting 
those things out if you really wanted 
to). SocNetV is a means of platting 
data in new and original ways 


SocNetV lets you plot data and s 


around, tink 
‘sections and find constellations inthe sea af information. 


When you make your fist few clicks, 
it appears to be just another basic plating 
‘program, where you can make a flow- 
chart or some other kind of information 
“tree. Not so. The advanced mathemati- 
cal features turn grid points into fluid, 
almost organic organism that can change 
‘and adapt in real time and reveal all sorts 
of patterns and flaw in what appears at 
first to be stagnant information. 

Installation |f you head ta the 
Web site's download section, SocNetV is 
available in packages for just about any 
distro you can shake a stick at, as well 
as a Windows binary, the usual source 
and even a Klik package (| haven't seen 
fone of those for a while). | went with 
the Ubuntu package, but if your distro 
isn't on the list, or if you would prefer 
the source for whatever reason, you 
can da that too. If you are compiling 
from source, you need to grab the 
Qt4 development files, along with the 
QtWebkit development files. When 
you're ready, grab the source, extract it 
and open a terminal in the folder. Fram, 
here, it's @ case of doing the usual: 


5 /eontigure 
§ make 


make install 


(Once the installation has finished, 
you can run the program by entering, 


tf you're lucky, it'll also be in your 
system's menu; mine was under 
EducationMathematicsSacial 
Networks Analysis and Visualisation. 

Usage Once inside, the first thing 

you'll se isa large blank white 
space, which is where your 
networks will be drawn, On 
the left are contrals to Add or 
Remove a Node and to Add or 
Remove a Link. These are the 
‘most important controls, and 
you'll use them a lat. Now, let's 
create our first node, 

Click Add Node, and a 
small yellow circle appears in 
the blank space on the right. 

«, | This first node automatically 
becomes the first point of ref- 
erence for all the other nodes, 
0 it's best to make this node 
the most important—the 
nucleus, the genesis fram 


TS-7500 
Embedded Computer 


Faster. Smaller. Cheaper, 


au 100 $84 


743 mm /2.925 in. 


Ge mm/2.600n 


Powered bya 


250 MHz ARM9 CPU 


» Low power, fanless, <2 watts 
» 64MB DDR-RAM 

= 4MB NOR Flash 

1 Micto-SD Card slot - SDHC 

USB 2.0 480Mbit/s host (2) slave (1) 
» 10/100 Ethernet 

‘= Boots Linux in less than 2 seconds 
» Customizable FPGA - 5K LUT 
 Power-over-Ethernet ready 

1 Optional battery backed RTC 

= Watchdog Timer, 

= BTTLUART 

+» 33 DIO, SPI, 2c. 


Dev Kit provides out-of-box 
development + extra features 


a 
2% Technologic 


SYSTEMS 


We use our cut 


www.embeddedARM.com 
(480) 837-5200 


NEW PROJECTS 


Which all the other nodes spring. With 
the nade made, i's best to give this first 
rnode a label that sticks with the idea of 
it being a reference point. 

Say you were mapping out your 
MySpace friends (goodness knows why, 
but let's run with it). You might want to 
name the first node something like “My 
Home Page”. Or, let's say you were a 
Dr'Who fan mapping out the Dr Who 


positive numbers drawing a solid line 
between nodes and negative numbers 
drawing dotted lines. The higher the 
‘number, the thicker the line 

You've now connected your first two 
nodes, and from here | suggest adding 
some more to get the idea. If you 
right-click on a node, you'll notice the 
(Options menu has a number of things 
to play with in terms of customizing 


What | discovered was a deceptively simple 
yet sophisticated program that organizes 
collected data in very cool ways. 


Universe; you might want to call the fist 
node “The Doctor", and so on. You can 
do this by right-clicking on the node, and 
‘choosing Options—+Change Label 

Now, to add your surrounding nodes, 
click Add Node again, and a new node 
with the number 2 appears on the screen. 
Tolink this to node number 1, click Add 
Link. A series of prompts now appears in 
regard to the rest of the field of nodes, 
Which is just the two for now. Fist up is 
the target node—1, by default. Next is 
the strength of the link, which, by default, 
willbe 1.0. Ths value i very important, as 
it defines how valuable/importantirelevant 
the link is to another node. You can use 
any number between ~20 to 20, with 


>My Metallica chart in all is glory! Well there's a few mistakes, 


‘but Fm sure you won't mind, 


each node, such as turning it into a 
square, changing the color and so on. 
Doing so helps differentiate one kind of 
node from another, helping to define 
what information it is representing 
Visually. For instance, in my diagram 

Cf Metallica's history and affilations (a 
band with a loaded history and a great 
deal of influence—a perfect testing 
ground for this kind of thing), band 
members are represented by a green 
circle, and bands/collaborators are 
represented by yellow circles 

You also can change the color of 
each line liking 2 node, adding more 
differentiation to a sea of probably messy 
information. For actual band members, 

Fve gone with a strong 
‘ray line, with a dotted 
line for ex-members, and 
red line for the late Clif 
Burton (RIP). Actual 
bands and important 
projects are signified by 
blue ines, and casual 
projects and one-offs 
are represented by pink 
lines, Don't forget that 
you also can move 
around nodes by left 
clicking and dragging 
if things get messy 
and you need to do 
some rearranging. 

‘Once you've made 
yourself a full grid of 
information, you can 
apply a bunch of crazy 
mathematics that can 
morph your information 
in real time, showing you 


‘Advanced mathematics can morph your 
networks around in real time (as this 
screenshot isin the middle of doing), as 
your structure begins to resemble a 
‘moving, almost breathing organism, 


Certain preset formulas can constellate your 
Information, showing you new information in 
otherwise banal data 


‘new patterns in the information that you 
probably never thought of before. Check 
‘out the Layout menu and experiment 
With all the options for a real demo, 
which showcases what this program is 
really all about 

Although this project still has a 
few kinks and interface problems, 
anyone interested in the flaw of infor- 
‘mation and discovering patterns in 
any area of life definitely should check 
‘out this project. In terms af industry, 
social analysts looking for new pat- 
terns in saciety, wealth and so an 
would find this of particular use. I'd 
also like to try using it in Analytical 
Psychology, mapping out various con- 
stellations of ideas in someone's psyche. 
There are endless uses for a tool like 
this that are limited only by your 
imaginatian—fascinating stuff. 


theese manic ote wal’ met lated cy—Parh. 
Western Astral can say found eter brea an 
ada eee erating Kika eon acai 
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GOOGLE 
CHROME 


the Making of a Cross-Platform Browser 


Google’s Evan Martin and Mads Ager discuss 


the challenges behind making a browser work 
well on Linux, Mac OS and Windows. 


This article on the development of the Google Chrome crossplat- 
form browser started off ike any other interview. interacted with 
Google by e-mail and phone and started pling together the 
responses to my questions. It turned out thatthe “official” responses, 
‘were much shorter than | was used to. “Why are these guys so shy?", | thought. 
In interviews, | typically have to whittle down my respondents! answers because 
they love teling ther story—in glorious detail 
So, | went back to Google to see what was up. “Free your developers to 
speak!", | exclaimed. “We want to know the gritty insiders! take on Google 
Chrome development!" My contact there told me tha interviews are challenging 
because a direct quote is ke going “on record" and needs to be 
vetted by several layers of management (and maybe attorneys?) And, when 
you're the big fish in the pond, you have to be careful what you say. lam not 
Used to such caution, and certainly don't kei, ut | indeed understand it 
After tis and subsequent discussion, | realized we had a pretty complete 
picture of what Google Chrome is all about. The ony hitch is that one part of 
the material came from direct interviews and another part came from more 
informal discussions and e-mail messages. Thus, we agreed that while | could 
talk freely about Google Chrome, only authorized material could be quoted 
‘What follows, then, isa summary of my discussions with Google, folowed by an 
interview with Google Chrome developers Evan Martin and Mads Ager. Martin is 
2 Senior Google Software Engineer and Linux enthusiast working on all plat- 
forms of Google Chrome. Before working on Chrome, Martin worked on 
Google's search-esult ranking. Mads Ager is Tech Lead forthe VB JavaScript 
engine project and and its integration in the Google Chrome browser; he is 
based in the Aarhus, Denmark, office 


JAMES GRAY 
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The Google Chrome Development Team. 
(Photo Credit: Jeromy Henry) 
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Chrome 


GOOGLE’S STRATEGY 
WITH CHROME 

In some of my earliest conversations 
with Google, we talked about the com- 
ppany’s motivations for building Chrome. 
After developing a range of rich and 
complex Web apps, the company saw 
that it was time to build a browser 
from scratch that could better handle 
“today’s Web". From the beginning, 
they focused on a browser that innovated 
in four key areas, namely speed, simplicity, 
security and stability. Early on, the 
Google Chrome team realized that 

the linchpin for innovating in these key 
aspects, as well as to handling the new 
Web apps, would be @ much more eff- 
Gent handling of JavaScript. Thus, the 
VB JavaScript engine, explained further 
below, was conceived and became 
central to the Google Chrome Project. 

Goagle hopes that innovations ike 
V8 will change the feel of the desktop, 
‘making the Web apps we'te using more 
and more feel like native ones. Besides 
the internal code needed to achieve 
efficient JavaScript processing, Google 
Chrome hopes to maximize this native 
feel by keeping the U! minimal, including 
{an ‘app mode" that lets one create a 
desktop icon that links to a URL with 
‘merely a tiny Ul around the edges. 

From a development standpoint, 
Google noted the difficulty in making 
this user experience acceptable on 
platforms with very different capabilities 
and conventions. Rather than just 
doing a brute-force port, the Google 
Chrome team has focused on often 
taking a step back from the code and 
looking at the larger picture of what a 
certain part of the code accomplishes 
for the user and then translated that 
into more abstract benefits for the 
respective Linux, Mac 0S or Windows 
user. On some platforms, native capa- 
bility exists in whole or in part for core 
functionality, such as sandboxed pro- 
cesses, but not on others. This fact has 
required a wide range of refactoring 
or writing new code depending on 
existing functionality found on the 
respective platform, 

‘One example of making Google 
Chrome good on the Mac platform is 
what the company did with WebKit. 
The team fist had to come to terms 
with what it meant to use WebKit for 
Chrome and determine what it could 
provide. Interestingly, Google says that 


inthe examples of Chrome or Safari, 
nly about half the code is Webkit 

In addition, WebKit was never really 
designed to be run in a separate process 
from the rest of the browser Ul. In order 
to accomplish this, Google had to write 
much of its own drawing and event 
handling “plumbing” rather than simply 
dropping a WebView into a window in 
Interface Builder. However, the developers 
have been able to draw on much of the 
work that was done for the Windows 
version to solve this prablem, 

OF course, Google Chrome's entire 
development process is much more 
efficient and potent given its open- 
source nature. More important than 
trying to “win the browser war" in the 
traditional sense—that is, get people to 
use Google Chrome as their primary 
bbrowser—the company feels its open- 
source efforts with Chrome alteady have 
stimulated and seeded a great deal of 
innovation and made other browsers 
better than they would have been in 
Google Chrome’s absence. In fact, 
Google takes at least some credit for 
speed improvernents and security 
enhancements that have taken place 
in other browsers during the past year, 
which is advantageous for everyone. 

Given that Google Chrome is open 
source, we were curious to know how 
involved outside developers have been 
to its development. Although my 
contacts were unable to give me specific 
numbers, | was told that outside partci- 
pation is very high, especially in terms 
of bug reports from users of the early 
developer builds of the browser. Google 
also works very closely with the WebKit 
team, so changes made by WebKit 
developers at Apple or others in the 
Webkit community are integrated into 
Google Chrome as wel 

‘And naw, on to the interview with 
Evan Martin and Mads Ager. 


THE DEVELOPERS SPEAK 
JG: In a nutshell, what inspired 
Google to create Chrome and 
how did it come about? 

EM: We built Google Chrome 
because we believed we could add 
real value for users and help drive 
innovation on the Web. Google 
Chrome is built for speed, has a very 
simple interface and uses innovative 
technology to ensure it is always 
secure and stable, providing a great 
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experience for users as they browse 
the Web. But what's more, by making 
Google Chrome open source and 
developing a powerful new JavaScript 
engine, V8, we believe we can help 
spur innovation in the industry and 
provide developers with the platform 
with which to build the next genera- 
tion of Web applications. This is good 
for users, and good for Google, as 
we benefit directly when the Web 
gets better. 


Lu: What is the Goog! 
Chromium Project? 
EM: Aiter we wrote the code for 
Google Chrome, we open-sourced it 
under the name Chromium. Much 
like Firefox isa trademark of Mozilla, 
Google Chrome is a trademark of 
Google; the name Chromium is not, 
so distributions are free to use it to 
refer to the same project. We hope 
that developers and browser vendors 
take a look at the Chromium source 
cade and that it will be useful for 
new projects built by the Open 
Source community in the future. 


JG: This being our cros: 
platform development issu 


major issues in making Chrome 
reat on all of its platforms? 

EM: Much of the challenges we've 
encountered on Linux stem from how 
heterogeneous the user base is— 
which, surely, is also the strength of 
Linux. This ranges from how to port 
simple Ul decisions (Chrome’s shade 
of blue was chosen to look good next 
to the blue seen on every Windows 
computer), to getting boring techni- 
cal details (a binary built on Ubuntu 
won't work on a Fedora machine), 

to real problems that will require 
engineering work to solve. 

‘One good example of the latter is 
adapting our sandboxing model for 
Linux. Getting a process sandboxed in 
2 way that's useful to us is challenging 
fon Windows, with the relevant source 
code consisting of more than 100 files, 
but it needed to be implemented only 
tance to work everywhere. On Linu, 
there are a variety of easier-to-use but 
different sandboxing systems available, 
and different Linux distributions ship 


with different (or no) sandboxing APIs. 
Here's an article about a kernel patch 
We've proposed for discussion toward 
that end: Iwn.net/Articles/332974, 


JG: What innovations does 
Chrome bring to browsing? 

EM: We did a lat of interesting things 
in building Goagle Chrome. Fist, its 
simple and easy to use—we've designed 
Google Chrome to be as unobtrusive 

as possible, taking up the minimum 
‘amount of space on your screen, and 
allawing you ta search and brawse all 
from the address bar. Its multiprocessed 
architecture also ensures Gaogle 
‘Chrome is fast and stable. Additionally, 
we designed Google Chrome far 
speed fram the beginning, including 
building a new JavaScript engine 
called V8 from scratch to handle rich, 
complex Web applications. 


JG: Can you tell us more about 
V8, its history, your ration: 
developing it and who the key 
people were behind it? 

MA: The VB Project started in late 

2006, At that time, existing JavaScript 
engines did not perform very well 

‘The goal of the V8 Project was to 
push the performance of JavaScript 
engines by building 2 new JavaScript 
engine on which large object-oriented 
programs run fast. The VB Project 
was pioneered by the dynamic duo 

of serial virtual machine builders Lars 
Bak and Kasper Lund in a farmhouse 
outside Aarhus, Denmark 


the browser? 
MA: VB uses the concept of hidden 
classes and hidden class transitions 


combined with native code generation 
and a technique called inline caching to 
make property accesses and function 
calls fast. VB uses precise generational 
gatbage collection to make the engine 
scale to large object-oriented programs 
that use a lot of objects. In addition, VB 
contains a JavaScript regular expression 
engine that was developed from scratch, 
's automata-based and generates native 
code for regular expressions 


JG: What language(s) is 
Chrome/V8 written in? 
MA: Vi is mostly written in C++, but 


some of the basic JavaScript libraries 
are implemented in JavaScript itsel. 


JG: What platforms does 
Ve support? 

MA: V8 runs an Windows, Linux 
and Mac. 


JG: What CPU architectures 
does it support for native 
compilation of JavaScript? 
MA: V8 supports 1A32 and ARM. 


JG: Are there plans to extend it 
to other CPU architectures? 
MA: We are working on a 64-bit version, 


JG: Is the code generation 
tter on some architectures 
than others? 

MA: There are different trade-offs for 
the different architectures, and we try 
to make the code generators as good 
as we can for the different architectures, 
The code generator for |A32 does 
register allocation and does more inlining 
than the code generator on ARM. In 
general, the 1A32 code generator has 
been tuned more than the ARM one, 


JG: Did you name it after the 
internal combustion engine or 
the vegetable drink? 

MA: The internal combustion engine. It 
was developed in the context of Google 
Chrame, and we thought that there 
should be @ powerful V8 engine under 
the “chrome 


JG: Why did Google choose to 


EM: We have always been and remain 
great supporters of Firefox—Mazilla 
helped lead the way in much of the 
innovation we've seen in the browser 


space during the last couple years, 
with features lke tabs, search boxes in 
the browser chrome and extensions. 
They ve also proved that you can build 

1a mass-market software product using 
open-source technology and collabora- 
tive development in the open. However, 
we initially thought of our work in this 
space as an experiment and didn’t, 
want to impose our ideas on anyone 
else, Rather, we thought about devel- 
ping a new JavaScript engine and 
open-sourcing it so that other browser 


developers could benefit 

We think that numerous open- 
source projects are good for the entire 
space because they allow developers 
to make advances and share them 
quickly. We continue to have a great 
relationship with Mozilla, and many of 
our engineers actively work on features 
in Firefox through Mozilla's public 
participation process. 


4G: What can you tell us about the 
status, road mi 
9 the 
We're salivating here. 

he Developer version is available 
for a few Linux distributions already. 
Although this is an early release and not 
ready for your average user, we hope 
you get an idea of what Google 
Chrome for Linux willbe like and keep 
following our development in the open 
as we make progress on a beta and 
stable version. 


and how many solely to the 
Linux version? 

EM: Although we don’t go into 
details about the number of Google 
employees on any particular product, 
we have a core team of engineers 
who are working hard to get the 
Linux build of Google Chrome up and 
running. As a team, to prevent frag- 
mentation, we try to have all develop- 
ers work on all platforms—| refactor 
code on Windows to make it work on 
Linux, and if someone on the Mac 
team breaks the Linux build, its his or 
her responsibility to fix it. Pieces like 
the networking stack can be worked 
fn from any platform, so developers 
can just pick their preference. 

‘At one point, | counted Google 
developers contributing from more than 
a dozen different locations (some work 
from their homes); we have even more 
tance you count the contributions we 
receive from other developers. One of 
my favorite experiences of this project 
has been fing a bug one evening, then 
waking up the next day to see a patch 
to fix it from someone in Europe 

We've also received many patches 
from outside of Google, and have even 
promoted some of our best contributors 
to commiters themselves 
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JG: Was there a specific Google 
ication that prompted 
Google to decide it ni 

owser? 
;oogle Chrome as being 
less about making Google applications 
faster and mare about making the Web 
as a whole faster. 


JG: What toolkits are used to 
build Chrome? And, are there 
any interesting issues regarding 
tools worth mentioning? 

EM: Google Chrome on Linux relies on a 
ton of free software—aboutcredits lists 
more than 15 subprojects we include 
source fram—as well as standard system 
libraries like FreeType, NSS (the Mazila 
SSL/TLS implementation) and GTK+. 
There has been a lat of discussion on-line 
‘over toolkit choice; it was surprisingly 
uncontroversial within the team to chase 
the one that Firefox and Flash depend an 
and that we had more experience with. | 
think ather options would have been just 
{5 good, and | would, in particular, love 
to see someone knowledgeable about 


Qt contribute patches. 
Regarding tools, I'd like to especially 

call out gold, the fast linker that is litle 

known but has been a lifesaver for us 


JG: How has the development 
Google Chrome for Linux 
been going? Can you share 

me ups and downs you've 
need so far? 

EM: | run only Linux at home, For me 
personally, the biggest up was after 
warking on Windows far so lang, ta be 
able to install and use it finaly myself. 


JG: Is there a tentative date 
for when a beta release will 
ready for Linux? 

EM: Not yet, but we're working hard 
fn it. You can track our pragress on 
Linux development by running the 
in-pragress version available at 
dev.chromium.org/getting-involved/ 
dev-channel or via the mailing lists 
and source found on the Chromium 
developer site at chromium.org, 


JG: Will the Linux and Mac OS 


versions one day catch up with 
and enjoy equal functionality 
with the Windows release? 
EM: Yes, it is one of our highest 
priorities right now. 


JG: Thanks to you both for 
your fascinating insights on 
Google Chrome!u 
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0 to press, Google just announced 
its Crome operating 
Will be based mainly on 


sm. Chrome OS 
b applications 
and will ad an intersting dimension to 
the "Google World”, as it will be possible 
torun a completely Google-based desk 
top environment. Although the Chrome 
0S will be a 
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Rich Cross-Platform 
Desktop Applications 
Using Open-Source 


TITANIUM 


The Titanium open-source platform lets Web developers leverage 
their Web skills for creating desktop applications. 


MARK OBCENA 


itanium is an open-source platform that enables 
developers to bulld rich desktop applications using 
standard Web technologies. Titanium applications 
run natively on Linux, Mac OS X and Windows 
operating systems, At a high level, Titanium 
competes directly with Adobe AIR, although it differs from AIR 
in three major ways. Fist, Titanium is open saurce; i’ licensed 
under the Apache Public License (version 2). Second, Titanium 
is fully extensible; Titanium extensions can be written using a 
number of popular languages, including C+, JavaScript, 
Ruby and Python. Finally, Titanium opens up user interface 
programming to popular languages like Ruby and Python— 
4 job typically reserved only for JavaScript. Both Ruby and 
Python have full access to the Document Object Model 
(DOM), which puts these languages on par with JavaScript 
for building rich, dynamic user interfaces. 

Itis important to nate that Titanium is nat a system that 
provides a point-and-click ability to build a single application, 
that runs both on the Web and on the desktop; however, 
that is nat to say code sharing across the Web interface and 
desktop interface is impossible. 

Somme developers may choose to develop with a share-and- 
segregate pattern: write a common set of shared libraries, then 
rite platform-specific code for use in a Web interface and other 
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code for use in a desktop interface. in this case, you'll stil have 
assingle codebase, but you'll end up with two different apps. 

Other developers may chaose to develop using progressive 
enhancement. With progressive enhancement, you start by 
implementing a basic set of features, then as new resources 
become available, you build up functionality to make use of 
these new resources, 

‘A goad example is Google Dacs. There's a basic set of fea- 
tures you can access on-line, but if you install Google Gears, 
you get offline access and other features as well. The same 
goes for Titanium apps. Developers can enhance their Web 
applications progressively by adding features and functions 
that will be available only when the app is run on a Titanium, 
instance, Using this approach you have just a single app, 

Both of these techniques are valid choices when it comes 10 
developing apps. Bath techniques have pros and cons, and it's 
Up to you as the developer to chaose which method to use. 

No matter which technique you choose—two separate 
codebases, one codebase and two apps, or ane app—at 
the very least, Titanium allaws you to leverage your Webs 
development knowledge to build desktop applications, 

It lets you use HTML and JavaScript, as well as other 
languages most often associated with Web development, 
to develop desktop applications. 


No More Limits on Web Development 
Titanium is a development platform with one clear goat: leverage 
Web technologies to create rich, crass-platiorm desktop 
applications. Using Titanium, you can create desktop applications 
using HTML and JavaScript, yet stl get features not available on 
browser applications. For example, Titanium Web applications 
built for the desktop can access the flesystern and interact 
\with the underlying operating system. 

The idea behind Titanium isn’t new, but Titanium clearly 
separates itself by giving you something unique: unlimited 
possibilities with open-source choices. You aren't forced to use 
anything proprietary—you can use any library or framework 
you want. All technological decisions are yours to make. 

Although | mainly program with JavaScript for Web 
applications, it isn’t the only technology that powers the Web. 
Titanium works well with Python, PHP, Ruby, lava, Flash and 
Flex, and Sitveriight. So whatever technology you're using right 
now ta develop your Web applications, you'l likely be able to 
use it with Titanium 

Because Titanium is distributed under the open-source 
‘Apache Public License v2, you can download the source code, 
play with it, fork it and extend it. t's this extensibility that 
makes Titanium a platform that developers can grow with in 
the future. The platform can morph and evolve into different 
forms as new needs emerge, 


Rapidly Evolving Web Development Platform 
Titanium is evolving rapidly and has experienced several major 
changes to its architecture in the past few months 

The initial preview release of Titanium (PR1) incorporated 
Webkit and a modified version of Google Gears. Essentially, 
Titanium PR1 used Webkit as its main component, and 
additional features were exposed to the runtime via a 
native extensions system, which gave developers access 
to features from a modified version of Gears. 

‘Soon after this initial preview release, the Titanium team 
started to re-architect the platform. Google Gears was 
removed, and instead, a new system for exposing new 
features was created: Kroll 

Kroll is the microkernel that powers Titanium and extends 
the framework. This compact microkernel, written in Ci, isa 
cross-language, cross-platform “binding” and invocation frame- 
Work that enables mixing and matching code within the kernel 
All the features that Titanium exposes are accomplished va Kroll 
modules. By using Krol, Titanium gains the ability to support 
2 multitude of languages and technologies. And, because Kroll 
is fully extensible, anyone can add more features to the plat- 
form, using any technology. You dan't need to be a C++ guru 
to extend Titanium. You can create new modules using Python 
and Ruby, or even just plain-old JavaScript 

Titanium’s use of Webkit was retained during the rewrite 
from PR1, and for good reasons. Not only is WebKit one of the 
best, standards-compliant engines available today, but it also 
features lots of goodies, such as HTMLS client database storage, 
SS transformations and animations, and a fast JavaScript 
engine. All of these, of course, are available on Titanium, 


Getting Started with Titanium Applications 
Enough theory—it's time to get our gloves out and start work- 
ing with Titanium. First, download the latest version of Titanium 


from titaniumapp.com/download, and execute the package: 


§ chaod + 


Titaniun-PR3-SOK. bin 


Titaniun-PR2-SOK. bin 


You'll be greeted by a window containing the License 
Agreement; click | Accept to continue. Wait for the installer 
to finish, and the next thing that pops up an your screen is, 
the second tool that you'll use the most while developing 
applications for Titanium (aside from your favarite text editor): 
the Titanium Developer. 

Titanium Developer is the main tool you need for developing 
Titanium applications. It features several tabs for different 
purposes, ranging from packaging your app, managing projects 
and discovering caol stuff from other developers (Figure 1). 

The first tab is Projects, which helps you manage your 
Titanium projects. Here you can create new projects, run 
them for testing and package them for distribution (Figure 2). 


Figure 2 Projects 


www.linuxjournal.com september 2009 | 55 


FEATURE Titanium 


The Sandbox is a very useful tool for testing cade without 
having to create a new project. To see it in action, try typing 
the following snippet of cade into the text area on the 
Sandbox tab, then press Launch (Figure 3): 


Figure 3, Sandbox 


Congratulations! You just launched yaur first Titanium 
pplication via the Sandbox. Titanium Developer takes the 
snippet of cade and launches a Titanium app using that code. 
(On the side of the text area for the snippets, there are buttons 
for popular JavaScript frameworks. You can click one of thase 
to add them to your sandbox application for testing instead of 
having to include them yoursel. 

The next tab, Apps, isa tool for discovering other awesome 
Titanium applications. Titanium enables you to distribute your 
applications easily via a distribution and packaging cloud. 

Every app that's packaged as public will be featured in the 
‘Apps tab, making it easier for you to share and distribute 
applications to your users (Figure 4) 

Up to this point, Titanium Developer probably seems like 
any other development tool. You use it to create new projects, 
test them and package them for distribution—normal develop- 
‘ment stuff. But it goes beyand that. Titanium Developer isn’t 
merely a development tool, its a social development tool. 
Social development harnesses the power of social media for 
engaging, learning and callaborating with a glatal community 
of developers. That's why Titanium Develaper contains two 
other tabs: Community and Feeds, 

The Community tab contains a full IRC client that connect 
to the official Titanium IRC Channel, enabling you to talk to 
other developers, get help with tricky code or even share tips, 
and tricks. The Feeds tab features live Web feeds from Twitter 
and FriendFeed regarding Titanium, so you'll be up to date 
‘about everything that's going on with the platform, The same 
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Figure 5. Community Feeds 


tool that you use ta create, package and deploy projects is 
ala a tool that connects you to the worldwide community of 
developers working with the same platform as you (Figure 5). 

‘And, the best thing about Titanium Developer? its actually 
built using Titanium. 


Titanium Project 101 
Its easy to create new projects using Titanium Developer The 
Projects tab takes you step by step into creating a new project. 
The first step asks you which JavaScript libraries you'd like to 
add to your project. You can add libraries by clicking on their 
logos, and you also can opt aut by nat clicking any. For this 
example, try adding Mootools 

‘Next, you need to input information about your project. 
Type anything you want for the Project Name, Project 
Description, Publisher Name and Publisher URL. fields. For the 
Project Location, click on the small folder icon on the side of 


the text field, and select the directory on your system where 
the project will be placed, Finally, you need an icon for the 
project, so click on the small folder icon on the side of the 
field for Application Image, and browse far an image file. 
Click Create Project. 

The Project tab now displays your praject on the list and 
some project infarmatian on a window on the right. This 
window has three tabs: the first ane displays your project's 
information, the second one displays links to your application 
packages, and the third one displays distribution and down- 
load statistics for your application (Figure 6). 


Figure 6 Create Project 


Select the project in the list, and click on the small box 
icon. This brings you ta the Packager where you can run, 
ppackage ar install your application. Click on the Package and 
Launch button to launch your newly created projec. 

You naw have your first project, but it doesn’t really do 
much at this point. So, open your file manager and navigate 
to the directory you selected for the Project Location when you 
created your project. 

Inside your project directory, you'll see several files and 
directories (Figure 7): 


1. dist: the directory where Titanium Developer stores your 
packaged app so you can launch it for testing, 


2. manifest: a file used by Titanium to determine settings 
for packaging your apps, like your app's information as 
‘well as settings and versions af the modules you're using 
‘on your application. 


3. tiapp.xml: the descriptor file far the application, This is used 
by Titanium to determine settings befare running your 
application, such as settings for the initial window, version 
information and copyright information. 


4. Resources directory: where all yaur application files are 
stored—your HTML pages, stylesheets and scripts all 
should be kept here, 


Figure 8. Hello World App 


Titanium is very lenient when it comes to the structure of 
the Resources directory. You can create subdirectories ta struc- 
ture your project in any way you want, depending on your style 

‘Now, open the index.html file inside the Resources directory 
with your favorite editor. It should loak like ths: 


nem 


‘sty esboty(background-color:#292929;color-ubite}«/style> 
script types*text/javaser gt” sre="mootools-1,2,1,2"9¢/serspt 
Welcone to Thtaniim 


inem> 


‘As you can see, it’ just a simple HTML page, and Titanium 
Developer already included a link to the MooTools script 
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FEATURE Titanium 


Listing 1. JavaScript Python and Ruby Allin One HTML File 


‘serigt typetext/iavaseript> 
indo document. get Lnen ta ‘cutgut toner 
Wella ta Tita using Javascript 


, 


efecespt> 


‘script typeetext/pytan’> 
fet neltoPytont 


indo document. getELenen ta ‘cutput).tanrATAL 
= "ello fron THtanum using Ray 


<ctv 1p» 


button onc ck"el Luby ()"mettoaybuttar> 
reer 


(which also is included inside the Resources directory). Now, 
eit the file soit looks like Listing 1 

Save the file, then go to the Titanium Developer's Project 
tab, and click the package icon on your project. Click Package 
and Launch, and test your application. Click the buttons to get, 
a hello world fram three different languages—all in a single 
page (Figure 8) 

While you're writing code, you're sure to run into bugs. 
Luckily, Titanium includes WebKit's Web Inspector, which you can 
use for various developments tasks. To apen the Web inspector, 
simply right-click on your app, and select inspect Element. 

(Once you're done writing code and perfecting your appli- 
cation, you're now ready to package your application, which is 
easy to da with Titanium Developer. In the Packager window, 
click the Package for Distribution button 

You are given several options. The first one is to select for 
which platforms to package your app—you can choose fram: 
(OS X, Windows and Linux (or all three). Next, you need to 
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Figure 10. Stats and Links 


decide whether to bundle the runtime with your application 
or instal it via the netwark during launch. Then, you decide 
which modules you'll add to your project and whether t 
‘bundle them with your app (Figure 9). 

Finally you have the choice of making your project publicly 
available. By checking Make app public, your application will 
bbe added to the App directory and be made available to users 
everywhere. This helps immensely in distributing your applica- 
tion, because Titanium also hosts your files for you. When 
you're dane, click Package. 

Titanium Developer then uploads your project files to 
the Packager Cloud for packaging. When its done, you are 
presented with links to your downloads for each platform you 
specified. f yau made your app public, Titanium Developer 
also starts showing statistics for your application, such as the 
number of downloads for each platform and the user ratings 
for you application (Figure 10). 


A Rich API for Rich Application Development 
As you saw in the code above, all languages supported by 
Titanium have a window object. This is the shared global 
object and is used to bind methods and objects that need 
to be available on all languages. The main namespace for 
the Titanium API is also bound to this global abject and 
can be accessed via window. Titanium. 

Aside from Webkit goodies, such as client-side database 
storage and CSS animations, Titanium’s current API also 
contains many of the necessary features needed for desktop 
application development: 


1m Titanium.Desktop: for launching third-party applications and 
‘opening URLs an the default browser 


1@ Titanium Filesystem: for working with the filesystem for 
things like reading and writing files, creating and managing 
directories and so on. 


1m Titanium Media: for working with media files, such as audio 
and video. 


1m Titanium.Network: for working with network-related tasks, 
such as socket connections and IRC clients, 


1@ Titanium.Notification: for custom system notifications, as 
\well as hooks to platform-dependent notification systems 
like Growl and Snarl 


1§ Titanium.Platform: far getting information about the 


User's system, 


1m Titanium.Pracess: for warking with system processes, as 
well as launching and executing system commands. 


1m Titanium.UE for working with native windows, menus and 
system chrame. 


Unfortunately, going over all of these APIs would require 
an article (or two) in itself. Fortunately, the official Titanium 
site provides documentation with more details 


Getting Rich on the Desktop 
Looking back, | wish that Titanium had already ensted when my 
lent asked me to do that project to store voce files. tt would have 
saved me a lt of trouble filing with other solutions that couldn't 
truly stisty the requirements of real, rich desktop development. 

The good thing is that Titanium already is here, ready 
for action. You can download the SDK now, play with 
Titanium and join in on the community discussions to learn 
more about it 

Yes, Titanium might be a relatively new project. However, 
with the rapid rate of development I've seen so far, 'm plan 
hing to use Titanium to power the next generation of better, 
and certainly more powerful, desktop applications. 


kha resin Cole pr pays ton Nala ilps edema cae 
cura parm eat Appr Tam be scons a sev open- 

soa Web elope repre When prac isp Baku Csr 
‘ack be res bt sg dent ant al igs iy hi st, aly eo ck 
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GS-Lo8 Fanless Pico-ITX System 
Ultra-Compact, Full-Featured Computer 
Excellent for Industrial Applications 


DISCOVER THE ADVANTAGE OF MINI-ITX. 


3677 Intel Core 2 Duo Mobile: 
Range of Intel-Based Mainboards. 
Excellent for Mobile & Desktop 
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www.logicsupply.com 
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OT pm VA oN J 
for Cross-Platform 
Development 


Lazarus may be the most native cross-platform 
development environment running on Linux, 
Windows and Mac OS X. Use it to create native 
applications with platform-independent code. 


MATTIAS GAERTNER 


IDE for rapid cross-platform development. The IDE contains all the 
features of a modern development suite, including a debugger, 
code completion, visual designers, refactoring taols, and translation and 
documentation tools. The Lazarus Project started on Linux ten years ago 
‘and now runs an all major platforms: Linux, Windows and Mac OS X. The 
arus Project's motto is “Write ance compile anywhere”, and it provides 
cross-platform libraries, a cross-platform compiler and a cross-platform IDE 
Lazarus! features include the following: 


| azarus is an open-source library of visual components and a powerful 


\@ An easy-to-learn language: Pascal 
| A visual form designer. 


|= Producing native code executables that execute with speeds 
comparable to C/C+4+—no virtual machine here! 


1@ Allowing direct access to system libraries. 


|= Supporting embedded assembler cade. 


Figure 1. Lazarus IDE 


ily handling big projects with millions of lines. 


= Compatibility with the Delphi visual component library 


And, if all that weren't enough, Lazarus also is open source and 
free of charge, even for commercial development. The Lazarus IDE 
is shown in Figure 1 
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Free Pascal Compiler 
Lazarus uses the powerful Free Pascal Compiler, (FPC) which 
understands Object Pascal (a descendant of Pascal). Free Pascal 
(aka, FPK Pascal) is a 32- and 64-bit professional Object 
Pascal compiler. It is available for the following operating 
systems: Linux, FreeBSD, Mac OS X/Darwin, DOS, Win32, 
Wing, WinCE, 5/2, Netware (libc and classic) and MorphOs, 
and for different processors: Intel 26, AMD64x86. 64, PowerPC, 
PowerPC64, SPARC and ARM. You can find binaries, packages 
and daily snapshats at the Free Pascal and Lazarus Web sites 
(Gee Resources). Free Pascal creates native code executables, 
like C and C+, and uses the GNU tools and abject format, so 
it can use C libraries directly, and, of course, C/C++ cade can 
use FPC libraries. The speed and size of the created cade is, 
comparable to GCC. 

FPC also compiles fast—normally more than 10,000 lines 
of code per second. That is because in Object Pascal, forward 
declarations are mare limited than in C/C++. This saves a lot 
of time, even for small programs, and allows you to be more 
productive, After a while, you'll compile without thinking, just 
to highlight even obvious errors 

The Free Pascal Compiler itself is written entirely in Object, 
Pascal, At the time of this writing, the compiler is at version 2.2.4 

Like its ancestor Pascal, Object Pascal is very easy to learn. 
C and Java programmers will understand most Pascal code 
without any tutorials. The language is 


‘AP! and the widget set. The code itself needs to access 
coll the LCL API, so no change is required when switching 
the widget set 

‘An LCL application compiled with GTK creates a native 
GTK application running on most Linux distributions out of the 
box. Under Windows, the choices are the WinAPl, GTK and 
Qt. For Windows CE, the back end is called wince. Under Mac 
OS X, the choices are Carbon, GTK and Qt. The widget set can 
bee chosen automatically by the IDE or selected manually the 
dialog for the compiler options. Tis allows you simply to copy 
2 project developed under Linux to Windows and compile 

Some other LCL interfaces are under develapment—for 
example, fpgui, 2 widget set written completely in Object 
Pascal and Cocoa for the new Mac OS libraries. So, if you 
don't care about native widgets and you want your application 
to look and feel exactly the same on all platforms, you can 
make use of the LCL and the fpgui library, which currently 
runs on MS Windows, MS Windows CE and Linux with X. 

The Lazarus IDE uses the LCL and has an integrated visual 
form designer, which allaws you to edit forms graphically 
lke Glade of Troltech’s Qt Designer. Lazarus’ designer works 
directly with the correspanding Pascal unit source. For 
instance, double-clicking on a button in the designer automat- 
ically creates the OnClick in the source code and connects the 
button and the event handler. No further work is needed— 


very type-stric, and many code inconsis: 
tencies are spatted at compile time. This 
is especially useful for big projects, when 
a refactoring eventually is needed, and 
all affected places must he found. The 
compiler also warns when a statement 
works on the current platform but may 
fail on anather—for example, when an 
expression works differently on 32- and 
64-bit systems. 


Lazarus Component Library 
and the IDE 

Lazarus gives FPC a face by providing the 
Lazarus Component Library (LCL), a library 
of visual components, such as buttons, 
eit fields, file dialogs and much more. 
These components run on Linux, MS 
Windows, Mac OS X, FreeBSD and Solaris, 
using native widgets. Additionally, on 
Linux, you have the choice between GTK. 
for Qt as a back end. The LCL calls the 
back-end widget sets and provides the 
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* 10000 GB/month for $800 
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www.CARI.NET/LJ 
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simply compile and run. And, it works backward too. Remove 
'a method from the code, and the IDE will disconnect it from 
the designed form. 

The IDE even supports connecting two designed forms 
That means a component on formt can access the compo- 
nents on form2. No extra source code is required for this, 
just some mouse clicks 

The designer also allows you to inherit forms visually. For 
example, a base form can be created forall of an application's 
dialogs. Descendants can be created visually that inherit from 
this dialog, No extra source cade is required. Even embedding a 
form into anther form as a subcomponent can be done visually 

Ff course, everything done in the designer can be done via 
source code at runtime too. The form data is stored in fm 
files, which are simple text files, so they are cross-platform also. 


FPC: the Cross-Platform Foundation 

Lazarus provides an outstanding native code solution. The 
compiler and most libraries are written with cross-platform in 
rmind. That is why pragrams written in Free Pascal do not need 
to run a configure script before compilation. The base types, 
like char, byte, integer and string, work the sare on all platforms. 
‘An integer always is a signed 32-bit value. The 64-bit integer is 
called int64. The native integer for a processor is called Ptrint 
for signed and PirUint for unsigned values. Lazarus itself can 
be compiled with a simple make or graphically in the IDE itself. 
And, of course, Lazarus is developed with Lazarus, 

FPC's runtime library does nat use ibe; rather, it uses kernel 
functions, which change less often. Therefore, the created 
executables normally work on various Linux distributions and 
do not need to be recompiled for each new glibe version 

With Lazarus, you can write and debug the biggest part 
under Linux. But eventually, yau'l need to test it an the other 
targets. However, you do not need to install Lazarus and all 
the development tools on all your target platforms, Cross com- 
piling can be used to develop under Linux and target another 
operating system or processor. For example, you could develop 
Under Linux and create Windows executables, and then test 
them with Wine or in a virtual machine running Windows, or 
con an actual Windows system. Cross compiling is a big time 
saver, because it allaws you to test on several platforms quickly 
and to use your favorite pragrams while developing, 

Note, however, that crass compiling does require yau to 
install the crass-campile tools and libraries, which can be 
tricky. Precampiled versions do not yet exist for all possible 
hosts and targets. Easy directians are provided for Linux to 
Windows, because of Wine, and for Windows ta Windows 
CE, because there are installers with all needed tools. 


Setting Up Cross Compiling 
Fist, you need to cross compile and install the GNU binutis. This 
is well documented on several sites, including the Lazarus Wik 
(Gee Resources). For many targets, this sas simple as dovnioading 
2 singe targz and running a script with some parameters, 

The next step is to cross compile the Free Pascal libraries. 
If you want to cross campile to anather pracessor type, you 
need to cross compile the compiler to0. Again, for many 
targets, complete scripts are available. 

if your program requires thtd-party libraries, these must 
be cross compiled too. I they are written completely in Object 
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(ene que an eng ey 
inlet chet 0 


Figure 2. Lazarus Compiler Options 


Pascal, normally you can just compile them, Lazarus will do that 
automatically for you. if they use system libraries, it can become 
difficult. The problems are then the same as for C/C++ compilers, 

Once you've installed the crass compiler and libraries, cross 
compiling becomes easy in Lazarus. Simply pass the -T option 
to the compiler. For example, pass -Twin32 to compile a 32-bit 
Windows executable instead of a Linux binary, The -P option 
defines the target pracessor. Normally, you don’t even need ta 
‘pass special search paths, because af the path scheme used, 
For instance, the Pascal units far the fpc 2.3.1 compiler, for the 
processor type i386, and for target operating system Linux are 
installed under /usrbype/2.3. /units/i886-linu. All filenames 
and search paths of the compiler and the IDE support macros, 
which greatly reduces the amount of command-line parameters 
and canfiguration settings. 

Lazarus reduces the amaunt of platform-specific settings 
even further. The IDE allows you to combine several source 
directories into a Lazarus package. A Lazarus package can be 
a library or just a logical module of a big project. A package 
has its own search paths, its own compiler settings and its 
‘own macras. All filenames and search paths are stored relative 
to the configuration file (Ipk file). package can use other 
packages and inherit search paths and compiler settings. You 
can store a package anywhere on the disk. All search paths are 
adapted automatically on the fly. And, because every source 
has its own namespace, there is seldom a name canflict. You 
‘an switch to another version simply by opening the .Ipk file 
ach package also has its own output directories, normally ane 
for each platiorm, which are created automatically. 

When a package's source file is changed, the IDE auta- 
‘matically compiles the package and all packages in the 
current project that depend on it. You can fine-tune this 
automation for each package. 

When you switch the target platform in the IDE, all 
packages’ output directories are switched, The compiler 
‘optians dialog is shawn in Figure 2 


Code Completion and Cross-Editing 
Most modern IDEs have some code-completion features. The 
IDE uses Codetools to parse the sources. Codetaols isa library 
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of parsers, search and refactoring tools and is independent of 
a specific compiler version. This allows the IDE to handle several 
versions of the compiler and to switch between them easily 
It also supports cross-editing. For example, it's possible to 

develop under Linux and write cade for Windows. When a 
cross-platform campiler is installed, simply set the targé 
to Windaws in the IDE. The IDE code navigation and cade- 
ion features now will work as if you were working 
ndaws. The following example illustrates this 


(SIFDEF Linux) 


{SENDIF) 
The curly brackets are compiler directives and work the 
same as C preprocessor directives. The code between the 


directives will be skipped by the campiler except when compl 
ing for Linux. The IDE isa little bit smarter, When a different 
target operating system is active, the enclosed code will in 
most instances act lke a comment. However, tools such as 
Find declaration still will wark within this code so that you 
don't have to switch the target to0 often. Some ather macros 
that may be of use are: 


{STFDEF Hstindows} 


ode for all kinds of windows 
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(SENDTF) 
(SIFDEF LcLGTa2) 


(SIEDEF big_endian) 
for big endian processors Like the poerpe 


(STRDEF cus) 
for Gt bit processors 


Generally though, high-level code doesn't need these 
macros, because the FPC system libraries provide most of the 
cross-platform functions and canstants that you'll need. For 
example, the Lazarus IDE, with about 200,000 lines of code, 
uses them in less than 100 places. 


Cross-Platform File Handling 

here are numerous functions for cross-platform file handling 
that automatically use the correct path delimiter, case and 
other system specials. Instead of using the slash to separate 
directories, you should use the constant PathDelim. Under 
Linux, double path delimiters are treated as one, so you 
‘oncatenate filenames simply. This does not work on 
MS Windows, where empty directory names are allowed 
herefore, filenames should be normalized with one of 

the following functions: 


© TrimFilename: removes leading and trailing spaces, 
combines double-path delimiters and does some 
minor cleanup, 


‘© CleanAndExpandfilename: expands the ~ for the home 
directory under Linux, trims the file as above and chomps 
any trailing path delimiter. 


© CleanAndExpandDirectory: works the same as 
CleanAnd€xpandfilename, but appends a delimiter 
if missing. 


A very useful function is Comparefilenames, which 
compares two strings encoded in UTF-8 in the usual manner 
for the operating system, Under Linus, it compares them 
case-sensitively and distinguishes the various encodings of 
an a-umiaut. Under Mac O5 X, the filesystem is usually case 
insensitive, and all a-umlauts are normalized and treated the 
same. Comparefilenames does nat check the actual filesystem, 
which might be case-insensitive. Its a quick compare function 
for sorting filenames, 

When your application needs to store some configuration 
files, use the function GetAppConfigfile to get the standard direc- 
tory, Under Linus, ths is /nome/usernamel.confighprojectnamel. 
For canfiguratian files, standard formats like XML or INI files 
are recommended, which can be created by the easy-to-us 
classes TXMLConfig in the unit xmicig and Tinfile in the 
Unit INE files. 

Every operating system has its own idea of an application 
Windows embeds the Explorer icon and version information 
in the binary. Since Windows XP, a manifest file can be added 
to enable theme support. Under Mac OS X, an application is 


called an application bundle and is a directory with severa 
ML and resaurce files, In the OS X Finder, the directory is 
4m as executable program, and the rel files are hidder 
hical application without this bundle file can be started 
ive any input. The IDE automatic 

tructures for you 
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How to Be 
Cute on All 
Desktops with 


Qt always has been about cross-platform. By providing a rich API that isn’t 
tied to a specific platform, Qt can be both intuitive to use and innovative. 


he Qt toolkit originally was designed not only to 
be nice to work with, but also to allow for moving 
application source code between platforms. Today, 
the three major desktop environments are supported: 
X11, OS X and Windows. As portability is one of the key 
goals of the toolkit, it rarely runs into common issues, such 
as features missing on a specific platform or applications 
not integrating well in certain environments. 

t's journey to fame really began more than ten years ago 
with the KDE Project. As one of KDE's cornerstones, it might 
come as a surprise to you that later incarnations of Qt try to 
integrate with GTK+ and GNOME. It even allows the incorporation 
of the glib event loop, all to fulfill the mission of providing 
portable code that looks and feels right on all platforms. 
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Looking Right 
When discussing portable GUI source code, the graphical 
user interface is probably what comes to mind first. 
Providing widgets that look right on all platforms is an 
engineering feat. It takes many tricks to be able to use 
native painting methods, adapt to styling and just generally 
to fit in, Add to that the ability to subclass and customize 
widgets, and you have quite a handful of things that have 
to be incorporated. 

‘And, making an application fee! visually right on all plat- 
forms takes even more work. Margins, spacing, alignment— 
even the ordering of certain widgets—all need to be taken 
into account. Qt addresses all of these issues. A basic dialog 
window can be used to demonstrate how. 

Figure 1 shows a property dialog with a set of labels to the 
left and fields for eiting to the right. At the bottom are the 
standard Help, Apply, Ok and Cancel buttons. This might look 
like a simple dialog, but compare it to Figures 2 and 3. Is the 
same dialog, but on different platforms 

The platform imposes the order of the buttons at the 
bottom of the dialog, the alignment of the properties’ labels, 
as well asthe expansion policy of the fields representing the 
property values. All of these need to be handled according to 
the current platform's rules 


Providin widests that 
look right on all platforms 
is an engineering feat. 


Customizing the Look 
In some situations, blindly following the current platform's look 
and feel isn't what you are after. Sometimes you may want to 
subtly give hints to the user. For instance, you may want 10 
highlight all equited fields or change the color of a progress 
bar. Usually, this means subclassing the source widget to 
specialize it. Then, you will use your special widget for all 
the required fields. Now, imagine having not only text fields, 


but also check boxes, drop-down lists and more. 

{In Qt, you can address this problem in two ways. Either 
you can create a custom palette abject that you apply to 
all fields you want to highlight or change color. Or, you 
can use a stylesheet, 

‘The advantage of using stylesheets is that they allow more 
advanced operations. Figure 4 shows this in three steps. The 
top row of widgets uses the standard style, and the second 
row uses the following stylesheet: 


ALinetsit ( 
background-color 


, 


rgb(255, 255, 185); 


hecksox 
image: 


, 


indicator unchecked ( 
rt: (mages /eb-uncheckedpng) 


(ead iofutton::indteator unchecked ( 
‘mage: url(:/images/rb-unchecked.png) 
, 


‘As you can see, the syntax was heavily inspired by the 
cascading stylesheets (CSS) used in Web design, The text field 
isan instance of the QuineEait class. For it, itis enough to 
specify a background color. For the radio button and check 
box, you need to provide images that represent the indicator. 
More states than unchecked need to be included here, but to 
simplify for this example, they have been left out. 

‘Merely changing the background color could have been 
achieved as easily by altering the specific widgets’ palette. 
However, the last row in Figure 4 shows that you can go 
further. The stylesheet used here changes the font, text 
color, border and background. For the QuineEzit class, the 
stylesheet looks like this: 


ALinetsit ( 
color: red: 
Font: 75 pt "Dejave Sans* 


Figure 1. A Dialog in @ KDE Environment 


Ces eae GD Ga) 


Figure 2A Dialog in a Windows Environment 


Gace) 
Figure 3. A Dialog in an OS X Environment 
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FEATURE Qt 


border: 2px solid reb(@. 112, 157) 
border-radius: 3px: 


background: qlineargradient (spread: pad, 
weds, ye, 28, 2s, 
stop: black, stop:1 rgb(®, 112, 157) 


AAs you can see, the color changes are not limited to only 
solid colors. The background is a gradient, and the whole 
shape of the border has been altered—all this, while stil 
maintaining the source code's cross-platform portability. 


Accessing Drives 
What we've discussed so far affects only the visuals. You 
can try all of this from within Qt Designer or QtCreator 
without writing a single line of source code (nat counting 
the stylesheets). But, cross-platform programming is more 
than just look and feel. For instance, how do you traverse a 
filesystem on multiple platforms without providing unique 
‘source code for each platform? 

Qt provides classes for this. For example, the 
following short snippet shaws the directories 
contained in the root directory of each drive of a 
given computer. On a Windows machine, it lists 
the drives one by one, while on UNIX machines, 
it lists only the root drive / note that foreach is 
2 Qt-supplied C++ macro): 


foreach( QFitetato drv, QDir=:drives() ) ( 
qhebug( "Es contains", qPrintable(drv.absoluterath()) }: 
Foreach( QString nane, 

dry absolutedir() entryList( gDir=:Dies ) ) ( 
4%", qPrintable(name) ): 


qpebug( 
> 
) 


By using the QDir class to access the filesystem, you can do 
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Figure 4, From Standard Style tothe Extreme: 


so in a platform-independent manner. The class contains static 
functions for comman entry points, such as drives, the user's 
hhome directory, the current directory, as well as the system's 
directory for temporary files 


Another common source of 
cross-platform problems occurs 
at a much more basic level— 
the encoding of text and data. 


Handling Text 
Another common source of cross-platform problems occurs 
at a much more basic level—the encoding of text and data 

Qt provides a custom class for handling text strings called 
QString. It provides Unicode representation across all platforms. 
The string class itself can convert to and from UTF-8, ASCII 
and Latin. It also can convert to and from most other string 

representations using text codecs. Qt comes with 2 variety of 


Using Platform-Specifics through a Movable AP' 


‘Qt might provide a cross-piatform API that can cover 
‘almost all cases, but you stil might want to use platform- 
‘specific features, For instance, opening the window as 
‘maximized in Windows and normal on OS X and X11. To 
handle these situations, Ot provides preprocessor defines 
describing on which OS you are running and which 
‘windowing system you are using. For example, on Linu, 
youll find Q_OS, LINUX and probably @_WS_X11, 


‘When you know on which system you are running, 
you can access all X11 events by re-implementing the 
‘x11EventFilter function of the QApplication class. On OS 
X, you can get hold of the CoreGraphics handle fram the 
‘macCGHandle function of each GWidget. 
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{f you want to avoid writing platform-speciic code, you 
still can give platform-specific hints. For instance, you 
can give a hint to a QDialog that itis a sheet. This is a 
dialog that appears inside another window or dialog 
that provides part ofthe larger window's features. You 
do this by setting the window flags of your dialog to 
Ot: Sheet. 


(On X11, this type of hint ralies on the window manager's 
bil to understand it. This means the hint must be used 
‘as a hint, not a setting. If you want complete control, pass 
Qt:X11 BypassWindowManagerHint. This tries to avoid the 
window manager completely, which is not a nice thing to 
do, but might be necessary, 


codecs, but it also is possible to create custom codecs to 


handle special cases, 


When reading and writing text to and from files, the 
encoding is respected by using the QTextStream class. This 
class provides a stream interface based on the << and >> 
operators. It usually autodetects the encoding, but you can 
use the setCadec function to force it to a specific setting. 


modern code: 


Watastrean strean( Atile ) 
stream.setByteOrder( QDataStrean: :Bigéndian ) 
strean.setVersion( QDataStrean::Qt 4.8 ) 

int value 

stream >> value: 


To illustrate, the following short snippet of code reads a line 


from a text file encoded as UTF-32 on a big-endian system: 


QTextstrean strean( afile ) 


stream.setCodec( TextCodec:-codecForNane ("UTF-328E") ) 


QString nyString = strean.readLine() 


Which End Is First? 
Speaking of endianness, this is often 
an issue that occurs when dealing 
With cross-platform code. The issue 
with endianness is that when you 
write binary data, such as a 32-bit 
Value (four bytes), you can choose to 
\write the bytes in two different directions: 
left to right or right to left, aka big 
endian and little endian 

‘The default order for writing bytes 
depends on the endianness of the 
system on which the program is 
running. Some architectures, such as 
1A32 and the VAX, use litle endian 
Others, such as PowerPC, Coldfire 
and SPARC, use big endian. Others 
stil, such as ARM, MIPS, IA64 and 
Sparc V9, are able to do either 
(although wihich one is used often 
has to be hard-wired into the system 
When the hardware is built). Systems 
based on most of these architectures 
are commonly targeted by Qt 

To ensure cross-platform compati- 
bility for binary data, you need to 
specify the order explicitly when writ- 
ing and again when reading. By using 
2 QDataStream to handle binary file 
formats, endianness no longer is an 
issue. You simply specity the byte 
oder to use and then use the stream 
operators, and it just works. 

The snippet of cade below shows 
this. it also contains the setVersion 
function, letting you specify which 
Version of Qt's encoding of complex 
data types you want to use. For 
instance, if the internal representation 
of colors changed between version 
2 and 4 of Qt, by specifying an older 
Version, you stil can read and write 
data in the old format using the 
same stream class. This is something 
that comes in handy when having to 
handle old legacy file formats from 


Storing Preferences 
When handing user preferences, Windows has the registry 
UNIX systems usually rely on hidden directories, ane for 

each application. OS X has an XML format for preferences. 
This works fine for users. They usually do not rely on being 
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able to move their preferences between their computers, 
especially if they do not use the same operating system. 
From a software developer's perspective, the situation 

is different. 

To resolve this, Qt provides the QSettings class. It 
provides access to each platform's preferred method. it 
also can be used to create and read IN! files outside the 
platform's system that can be moved between platforms 
by the users. 

The QSettings class relies on the name of the application and 
the application provider. Then, you simply use the setValue and 
Value functions to write and read. The returned value is of the 
type QVariant. This type can be used to hold any type of data, 
The basic types, such as integers, are handlled directly. More 
complex types, such as QColor, rely on the data stream operators 


QSettings settings( °The Asp Company”. “The App” ) 
int v = settings vatue("ayint")_totnt(): 
Qcolor ¢ = settings. vatue("nyCatour").valuecQcotor>(): 


Many more issues arise when moving code between platforms 
Qi solution isto provide a Qt APL, This API removes almast all 
traces of specific platforms, while trying to support al functionality 
on each ofthe platforms involved. More complex cases than 
the ones shown here involve multithreading, database access, 
networking and so on. 


Embedded 
So far, this discussion has focused only on moving code 
between different desktops, which is just half of Qt’s ambition. 
Qt comes in three embedded flavors: embedded Linux, 
Windows CE and Symbian S60. 

‘The Windows CE and $60 ports make it possible to run Qt 
applications on phones and palmtops. Each of the ports takes, 
the target device's styling into account and integrates the 
application in a seamless manner. At the time of ths writing, 
the $60 port is available only as a technical preview, a full 
release is planned later in 2008. 

The embedded Linux version makes it possible to run Qt 


directly on the framebutfer. This greatly reduces the footprint 
of the system, making it embeddable. The windowing needs 
are covered by an integrated window manager QWS (Qt 
Windowing System), but generally, these systems run their 
applications in full-screen mode, 

(One interesting feature is the ability to run applications in 
a virtual framebuffer, making it possible to emulate the correct 
resolution, bit depth and input behavior on a development 
machine. This allows you to start developing the software 
earlier in the project cycle. It also can simplify debugging, as 
you can avoid remote debugging 

The step when moving from desktop to embedded is, 
generally larger than when moving between desktops or 
embedded systems, There are a number of issues that a 
framework cannot solve. The most common issues are 
available screen space, lack of computing power and lack 
of memory. All these areas are becoming less of a concern 
as the power, memory and screen resolution of embedded 
systems increase, 

Qt provides the ability to style and stretch interfaces to 
fit the screen. You also can set the global strut. This is the 
‘minimum size that any user interface element can have. By 
adjusting this factor, you can tune widgets to make them 
usable using a finger, stylus or mouse 


Embracing Qt 
Qt provides an API that can be used across a variety of 
platforms. All major desktops are supported, but also the 
‘major embeddable platforms. The strength of Qt is that 
all these platforms can be reached through one API. The 
API is provided by one library, one set of goals and one 
approach to constructing APIs. To take full advantage of 
Qt’s cross-platform ability, you should embrace the use of 
Qt in all fields. if you do, you can move your code as easy 
as you can compile it. 
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Cross-Platform Development Using 


a Cross-Platform Environment 


Qt comes with a set of tools that can be used sepa- 
rately or from within the fairly new QtCreator applica- 
tion, QtCreator was created using Qt and provides an 
advanced code editor, documentation, an integrated 
version of Qt Designer and editors for Qt-specific files, 
such as project files and resource files. 


Because all the Qt tools also are available separately, 
it is common to use another IDE or just a text editor 
and command line. Qt Software provides integrations: 
for Microsoft Visual Studio, Xcode and Eclipse. There 
also are a range of free IDE projects out there, such 
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as Edyuk, QDevelop and KDevelop. 


So, what does OtCreator provide that the others. 
don't? First, it comes as a part of the Qt SDK. The 
SDK version of Ot comes as a single download with 

‘a prebuilt version of Qt and OtCreator set up and ready 
‘to go. Second, it provides a graphical debugger 
interface, letting you use gdb in the easiest possible 
manner across all desktop platforms supported by Qt. 
‘The debugger knows of Qt and provides macros for 
easy viewing of QString objects as well as for looking 
inside Ot's list classes, 
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INDEPTH 


Open-Source Compliance 


A discussion of open-source compliance, the challenges faced when establishing 
a compliance program, an overview of best practices and recommendations on how 
to deal with compliance inquiries. IBRAHIM HADDAD 


‘Traditionally, platforms and software stacks were built using 
proprietary software and consisted af various software building 
blocks that came fram different companies with negotiated 
licensing terms. The business environment was predictable, 
and potential risks were mitigated through license and contract 
negotiations with the software vendors In time, companies 
started to incorporate open-source software in their platforms 
for the different advantages it offers (technical merit, time to 
market, access to source code, customization and so on). With 
the introduction of open-source software to what ance were 
purely proprietary software stacks, the business environment 
‘diverged from familar territory and corporate comfort zones 
(Figure 1), Open-source software licenses are not negotiated 
agreements. No contracts are signed with software providers 
(that is, open-source developers). Companies now must deal 
with dozens of different licenses and hundreds ar even thou- 
sands of licensors and contributors. As a result, the risks that 
Used to be managed through license negotiations now must be 
managed through compliance and engineering practices. 


Figure 1. A new computing environment necessitates open-source 
compliance due diligence. 


Enter Open-Source Compliance 
‘Open-source software initiatives provide companies with a 
Vehicle to accelerate innovation through collaboration with 

a global community of open-source developers. However, 
‘accompanying the benetits of teaming with the Open Source 
‘community are very important responsibilities, Companies 
must ensure compliance with applicable open-source license 
‘obligations. Open-source compliance means that open-source 
software users must observe all copyright notices and satisfy 
all license obligations for the open-source software they 
Use. In addition, companies using open-source software in 
commercial products, while complying with the terms of 
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‘open-source licenses, want to protect their intellectual property 

and that of third-party suppliers from unintended disclosure. 
(Open-source compliance involves establishing a clean baseline 

for the software stack or platiarm code and then maintaining 

that clean baseline as features and functionalities are added, 
Failure to comply with open-source license obligations can 

result in the following: 

| Companies paying possibly large sums of money for breach 
cf open-source licenses, 

| Companies being forced by third parties to block product 
shipment and do product recalls. 

= Companies being mandated by courts to establish a more 
rigorous open-source compliance pragram and appoint an 

‘Open-Source Compliance Officer” ta monitor and ensure 

compliance with open-source licenses, 

= Companies losing their product differentiation and 
intellectual property rights protection when required to 
release source cade (and perceived trade secrets) to the 
‘Open Source community and effectively license it to 
competitors royalty-free. 

= Companies suffering negative press and unwanted public 
scrutiny as well as damaged relationships with custamers, 
suppliers and the Open Source community, 


FSF Compliance Lab 


‘The Compliance Lab at the Free Software Foundation (FSF) 
helps enforce the license forall free software. Information 
about the life cycle of compliance cases handled by the 

FSF is available at www.fsf.org/licensing/compliance. 


Lessons Learned 
There are three main lessons to learn from the open-source 
compliance infringement cases that have been made public 
to date: 


1. Ensure that your company has an open-source management 
infrastructure in place, Open-source campliance is not 
just a legal exercise or merely checking a box. All facets 
of a company typically are involved in ensuring proper 
compliance and contributing to the end-ta-end management 
of open-source software. 


2. Make open-source compliance a priarity before a product 


ships. Companies must establish and maintain consistent 
‘open-source compliance policies and procedures and ensure 
that open-source license(s) and proprietary license(s) 
amicably coexist well before shipment. 


3. Create and maintain a good relationship with the Open 
Source community. The cammunity provides source cade, 
technical support, testing, documentation and so on. 
Respecting the licenses of the open-source companents 
you use is the minimum you can do in return, 


‘Compliance Challenges 
‘Companies face several challenges as they start creating the 
compliance infrastructure needed to manage their open-source 
software consumption, The most common challenges include 


1. Achieving the right balance between processes and meeting 
product shipment deadlines. Processes are important; 
however, they have to be light and efficient, so they're 
nat regarded as an overhead to the development process 
and to avoid making engineers spend tao much time on 
compliance activities. 


2. Think long term and execute shart term: the priority of all 
‘companies is shipping products on time, while also building 
and expanding ther internal open-source compliance infrastruc 
ture. Therefore, expect to build your compliance infrastructure 
‘as You go, doing it the right way and keeping scalability in mind 
for future activities and products 


2. Establish a clean software baseline. This is usually an intensive 
activity aver a period of time. The results of the initial 
compliance activities include a complete software inventary 
that identifies all open-source software in the baseline, a 
resolution of all issues related to mixing proprietary and 
‘open-source code, and a plan for fulfiling the license 
‘obligations for all the open-source software. 


Building a Compliance Infrastructure 
Here are the essential building blocks of an open-source 
compliance infrastructure required to enable open-source 
compliance efforts (Figure 2): 


Team 


Process 
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Figure 2. Open-Source Compliance Building Blocks 


1 Open-source review board (OSR8): comprises representatives 
from engineering, legal and open-source experts. The OSRB 
reviews requests for use, modification and distribution of 


open-source software and determines approval. In addition, 
the OSRB serves as a steering committee to define and 
manage your company’s open-source strategy. 
Open-source compliance policy: typically covers usage, auditing 
and post-compliance activities, such as meeting license 
obligations and distribution of open-source software. Usual 
items mandated in a complance policy are approval of OSRB 
for each piece of open-source software included in a product, 
ensuring that license obligations are fuliled prior to customer 
receipt, mandatory source code audits, mandatory legal review 
and the pracess and mechanics of distribution. 

Open-source compliance process: the work flow thraugh 
which a request to use an open-source component goes 
before receiving approval, including scanning code, identifying 
and resolving any flagged issues, legal review and the final 
decision. See HP's “FOSS Management issues” article at 
www-fsf.org/licensing/compliance for an example of 
2 compliance pracess. 

Compliance project management took: some companies use 
bug-tracking toals that already were in place, and other 
companies rly on professional project management tools 
‘Whatever your preference is, the tool should reflect the 
‘work flow of your compliance process allowing you to 
move compliance tickets fram one phase of the pracess to 
another, providing task and resource management, time 
tracking, e-mail notifications, proect statistics and reporting 
Open-source inventory management: its entical to know 
‘what open-source software is included for each product, 
including version numbers, icensing information, campli- 
ance information and so on. Basically, you need to have a 
good inventory of al your open-source assets—a central 
repository for open-source software that has been approved 
for deployment. This inventory handy for use by engineering, 
legal and OSB 

Open-source training: ensures that employees have a good 
understanding of your company's open-source policies and 
compliance practices, in addition to understanding same of 
the most-comman open-source licenses. Some companies 
go one step further by mandating that engineers working 
with open-source software take open-source training and 
pass the evaluation 

Open-source portals: companies usually maintain two open- 
source portals: an internal portal that houses the open-source 
policies, guidelines, decuments, training and hosts a forum 
for discussions, announcements, sharing experiences and 
mote; and an external poral thats a window to the world 
and the Open Source cammunity and a place to postal the 
source code for open-source packages they use, in fulfillment 
of their license obligations with respect to distribution. 
Third-party software due diligence: you should examine 
software supplied to you by third parties carefully. If 
third-party software includes open-source software, 
ensure that license obligations are satisfied, because this 
is your responsibilty as the distributor of a product that 
includes open-source software. You must know what 
goes into all of your product’ software, including software 
provided by outside suppliers 
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Who's Involved in Open-Source Compliance? 
Several departments are involved in ensuring open-source campli- 
ance (Figure 3). Here's @ generic breakdown ofthe different 
departments and their roles in achieving open-source compliance: 


Reseoe + ~ 


Figure 3. Teams involved in Ensuring Open-Source Compliance 


'@ Legal: advises on licensing conflicts, participates in OSRB 
reviews, and reviews and approves content of the open- 
source external portal 

'@ Engineering and praduct team: submits OSRB requests 
to use open-source software, participates in the OSRB 
reviews, responds promptly to questions asked by the com- 
pliance tearm, maintains a change log for all open-source 
software that will be made publicly available, prepares 
source cade packages for distribution on the companys 
open-source public portal, integrates auditing and 
compliance as part of the software development pracess 
checkpoints, and takes available open-source training, 

'&OSRB team: drives and coordinates all open-source activities, 
including driving the open-source compliance pracess; per- 
forms due diligence on supplies’ use of apen source; performs 
code inspections to ensure inclusion of open-source copyright 
notices, change logs and the ke in source code comments; 
performs design reviews with the engineering team, compiles 
a list of obligations for all open-source software used in the 
product and passes it to appropriate departments for fulfil- 
‘ment; verifies fulfilment of obligations; offers open-source 
training to engineers; creates content for the internal and 
external open-source portals; and handles compliance inquires. 

@ Documentation team: produces open-source license file 
and notices that will be placed in the product. 

1 Supply chain: mandates third-party software providers to 
tisclose open-source software used in what is being delivered. 

|@ TE supports and maintains compliance infrastructure, including 
servers, tools, mailing lists and portals; and develops tools 
that help with compliance activities, such as linkage analysis. 


Establishing Compliance Best Practices 
‘The following compliance best practices fall under six major 
categories. Each of the categories represents a step in a typical 
compliance process (Figure 4). 
1. Scanning Code The first step in the compliance process 
‘5 usualy scanning the source code, also sometimes called aucit- 
ing the source cade. Some common practices in ths area include: 
© Scanning everything—proprietary code, third-party software 
{and even open-source software, because your team might 
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Figure 4, A Generic Open-Source Compliance Process 


have introduced modifications triggering the need for 
additional due diligence and additional obligations to full 

= Scan early and often—scan as early in the development 
process and as often as possible to identify new packages 
entering your build. 

© Scan newer versions of previously approved packages— 
in the event that a previously approved packaged was 
modified, you should rescan it to ensure that any code 
added to it does not have a conflicting license and that, 
there are no additional obligations to meet. 

2. Identification and Resolution of Flagged Issues 
After scanning the source code, the scanning tool generates a 
report that includes a “Build of Material", an inventory ofall the 
files in the source cade package and thei discovered licenses, in 
addition to flagging any possible licensing isues found and pin 
pointing the offending code. Here's what should happen next: 
| Inspect and resolve each file or snippet flagged by the 

scanning tool 

‘© Identify whether your engineers made any code modifica- 
tions. Ideally, you shouldn't rely on engineers to remember 
if they made code changes. You should rely on your build 
tools to be able to identify code changes, who made them 
and when. 

|= When in doubt of the scan results, discuss it with Engineering 

'© if 2 GPL (or other) violation is found, you should report to 
Engineering and request a correction. Rescan the code 
after resolving the violation to ensure compliance. 

‘© In preparation for legal review, attach to the compliance 
ticket all licensing information (COPYING, README, 
LICENSE files and so on) related to the open-source 
software in question 
3. Architecture Review The architecture review is an 

analysis of the interaction between the open-source cade 

and your proprietary code. Typically, the architecture review 
is performed by examining an architectural diagram that 
identifies the following 

© Open-source components (used as is or modified). 

© Proprietary components 
Components’ dependencies 

= Communication protocols 

1 Linkages (dynamic and static). 

‘Components that live in kernel space vs. userspace. 

1 Shared header files, 


‘The result of the architecture review is an analysis of the 
licensing obligations that may extend from the open-source 
‘components to the proprietary components. 

4. Linkage Analysis The purpose of the linkage analysis 
's to find potentially prablematic cade combinations at the 
dynamic link level, such as dynamically linking a GPL library to 
proprietary source cade companent (Figure 5). The common, 
practices in this area include: 

'@ Performing dynamic linkage analysis for each package in 
the build 

1 Ifa linkage conflict is identified, report to it Engineering 
to resolve 

1 Redo the linkage analysis on the updated source code to 
verify that the code changes introduced by Engineering 
resolved the linkage issue. 

{As for static linkages, usually companies have policies that 
govern the use of static linkages, because it combines proprietary 
‘work with open-source libraries into one binary, These linkage 
cases are discussed and resolved an a case-by-case basis, 

Figure S illustrates the difference between static and 
dynamic linking to highlight the importance of identifying 
how open-source license obligations can extend from the 
open-source components (libraries, in this example) to your 
proprietary code through the linking method, 
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Source Code 
Scanning Tools 


‘There are commercial and aper’source tools that offer the capar 
bites of scanning source cade fr potential open-source issues. 
‘Commercial tools include Protex from Black Duck Software, Inc 
(wwwlackducksoftware.com/protex) and Palamida 
Compliance ition from Palamia (www. palamida.com/ 
‘products/complianceedition). A popular open-source tools 
FOSSology (wwwafossology.org), 


6. Final Review The final review is usually an OSRB face- 
to-face meeting during which open-source software packages 
are approved or denied usage. A good practice is ta record the 
minutes of the meeting and the summary of the discussions 
leading to the decisions of approval or denial. This information 
‘can became very useful when you receive compliance inquites. 
For approved open-source packages, the OSRB would then 
compile the list of obligations and pass it to appropriate 
departments for fulfillment. 


Responding to Compliance Inquiries 
This section presents guidelines to observe when dealing 
with compliance inquires. These guidelines aim to maintain 
2 positive and collaborative attitude with the requester of 
compliance information while investigating the allegation 
and ensuring proper handling in case of license violation 
Figure 6 illustrates the recommended steps to follow when 
dealing with open-source compliance inquiries. 
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Figure 8. Static vs. Dynamic Linking 


5. Legal Review The best practices of the legal review 

include: 

1 Review the report generated by the scanning tool attached 
to the compliance ticket. 

'@ Review the license information provided in the compliance 
ticket. 

Review comments left in the compliance ticket by engineers 
and OSRB members. 

1 Flag any licensing conflict and reassign compliance ticket to 
Engineering to rework code if needed. 

'@ Contact the open-source project when licensing information 
‘s not clear, nat available or the code is licensed under more 
than one license with unclear terms/conditions. 

& Decide on incoming and outgoing licenses) 
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Figure 6 Handling an Open-Source Compliance Inquiry 


Several companies received negative publicity and/or 
got sued because they either ignored requests to provide 
‘open-source campliance information, did not know how to 
handle compliance inquires, lacked or had a poor campli- 
ance pragram, or simply refused to cooperate, thinking it 
was nat enforceable. By now, we know that none af these 
approaches is fruitful or beneficial to any of the parties 
involved. Therefore, as a general rule, companies should 
not ignore open-source compliance inquiries. Instead, they 
should acknowledge the receipt af the inquiry, inform the 
inquirer that they will look into it and provide a date when 
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Open-Source 
Compliance Insurance 


In the past 
offering insurance services against the legal risks that can 
result fram using open-source software. The insurance policy 
often is caled open-source compliance insurance. The insurance 
policy (depending on the issuing company) offers coverage 
far manetary damages, including profit losses related to 
noncompliance with 

the cost of updating the offending code. 


1 years, some insurance companies started 


en-source software licenses and 


to expect 2 follow-up. 

You should understand wha the reporter is, th 
tion and whether the accusation is accurate or even current. 
Furthermore, not every reporter understands licenses fully 
and sometimes there may be mistakes in the submissions, 
Make sure you fully understand the inquiry and that you 
have all the necessary information to isolate the problem 
and investigate it internally. If that's not the case, ask th 
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reporter to be specific and provide you with the missing 
details to start your investigation. 

Keep an open dialog with the reporter and show that your 
company maintains rigid compliance practices. Highlighting 
your open-source campliance program and practices shows a 
good-faith effort toward compliance, Send updates af your 
internal investigation when they are available. 

After concluding the internal investigation (within an 
imit) through the review of the compliance 
ce completed for the specific software campanent 

tian, inform jarter of the results 
e isa license violation as reported, itis your 
responsibilty to resolve the issue with the reparter, while being 
collaborative and showing goodwill. You need to understand 
the obligations under the applicable license and show how 
you will meet the abligations and how soon, 


Conclusion 
his article provides an averview of open-source camplia 
the challenges faced when establishing a compliance program, 
industry practices and recommendations on how to deal 
with compliance inquiries. 

‘Open-source compliance is an essential part of the 
development process. Start with a simple, lightweight 
compliance process and practice and learn and adjust as 
you proceed. Look at common practices for inspiration, 
but most likely you will make adjustments to fit your 
specific company’s needs, 

f you use oper 
you don’t have a solid open-sour 
consider this article as a call to action. 


source softwai product(s), and 


program, 


ia aad Drecr ol Open Surcalam _adCnibvng lor fr ar oral. 


SFLC’s Practical Guide 
to GPL Compliance 


(On August 26, 2008, the Software Freedom Law Center (SFL 
ppubihed a guide on haw to be compliant withthe GNU. 
General Public License (GPL) and related lenses, The guide 
facuses on avoiding campliance actions and minimizing the 
negative impact when enforcement actions accur. The guide is 
avalable at wwwsoftwarefreedam.org/resources, 


Resources 


Free Software Foundation: wwwisf.org 


Software Freecom Law Center: www.softwarefreedom.org 


GNU Project: www.gnu.org/licenses/gpI-violation.html 
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Conferences: Pro & Un 


What's the future of Linux conferences? voc searLs 


LinuxWorld Expo is no mare. In its place, 
IDG Werld Expa affers OpenSource 
World Conference & Expo, which isin 
the future as | write this and inthe past 
2s you read it. The conference happens 
{or happened) in early August in San 
Francisco, following O'Reill’s popular 
‘OSCON (Open Source CONTerence) 

‘At the time of this writing, 
Opensource Werld stil appears at 
the domain LinuxWorldExpo.com. 
‘Adding irony to insult, is an .aspx 
site, meaning it runs on a Microsoft 
Windows server. According to Netcraft, 
linurworldexpo.com was first seen in 
December 1998, but has hosting histor 
ry on Windows that goes back only to 
June 2008. Meanwhile, 34 of O'Rellys 
36 sites are on Linux. The other two 
are on FreeBSD and Solaris. The oldest 
O'Reily.com site on that Ist (one running 
Linu) dates back to March 1996, 

Under "What We Do" an its home 
page, IDG World Expo (the organizer 
of LinuxWorld Expo and OpenSource 
World, pitches "Bringing You Face-to- 
Face with Decision-Makers You Want 
to Reach’, adding “IDG is recognized 
worldwide as a leader in exhibition 
management, producing more than 
750 globally branded conferences and 
‘events in $5 countries". O'Reilly 
Conferences’ equivalent is, “O'Reilly 
conferences bring alpha geeks and 
forward-thinking business leaders 
together to shape the revolutionary 
ideas that spark new industries”. Both 
are pitches to business. The difference 
is a company that talks the walk and 
fone that walks the talk. Put more 
bluntly, one is driven by business and 
the other is driven by geekery. 

IDG World Expo appears to keep no 
archives of its past conferences. O'Reilly 
‘does (conferences.oreillynet.com/ 
archive.csp). So do we, because (being 
‘geeky lke O'Relly) we put pretty much 
everything we write on the Web, and 
then make sure it stays there. That's 
how | found Marjorie Richardson's 
coverage of the first LinuxWorld 


(www.linuxjournal.com/article/3340), 
She writes, "! spent a remarkable two 
‘days, March 2 and 3, in the San Jose 
Convention Center, and everyone who 
didn’t go has been dropping by to find 
‘out about it. This was a majar confer- 
fence with mare than just the usual 
suspects in attendance, and everyone 
had a big announcement.” The second 
LinuxWorld followed in August at the 
same venue, About that ane, CNN 
wrote, “Linux is hot, said Madeline 
Schnapp, a product marketing manager 
for O'Reilly & Associates, which publishes 
books on open source. if you're anybody 
‘who is anybody in Linux, you have to 
show up at this show." What a differ- 
ence a decade makes 

once measured my approximate 
total conference attendance with 
schwag bags. Back in 2003-2004, we 
lived in a house where the garage had 
large utility drawers that | found perfect 
far filing with old promotional bags— 
very handy for when we needed to haul 
toys to the beach or replace the kid's 
latest lost knapsack. When we moved 
‘out, | needed to empty the drawer. So, 
for the fun of it, counted how many 
unduplicated conference give-away 
bags | still had accumulated in there. 
The total came to more than a hundred. 

‘As Yogi Berra famously said, "When 
you get to a fork in the road, take it.” 
That's what | did with conferences. 
| didn't stop going to old-fashioned 
vendor-spansared canferences, but | did 
start going to unconferences, starting 
with Dave Winer’s first BloggerCon at 
Harvard Law School in 2003, 

Although that marked my frst 
‘encounter with the un side of confer- 
fencing, hackathons had been gaing an 
at least since OpenBSD geeks first used 
the term in 1999. Linux codefests and 
installfests have been happening since the 
early 1990s. Wikipedia credits the annual 
XML developers conference with using 
the term “unconference” first in 1998, 

The spirit of the modern uncon- 
ference, however, goes back to Open 
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Space Technolagy, or OST, which was 
coined by Harrison Owen in 1985. The 
OpenSpaceWorld Wiki describes OST as 
“one way to enable all kinds of people, 
in any kind of organization, to create 
Inspired meetings and events’ 

‘My own involvement with Open 
‘Space began when some geeks forked 
their conversation off Digital ID Worl, in 
October 2004, Meeting frst an a Gilmar 
Gang podcast, the Identity Gang met next 
(on 2 patio at the Fairmont Princess Hotel 
during one af Esther Dyson's (till much 
missed) PC Forum conferences, in March 
2005. Later that year, we held the fist 
Internet Identity Workshop (INN), orga- 
nized by Kaliya Hamlin, Pil Windley and 
myse'f, around Open Space principles 

Since then, we've been holding two 
|IWs per year, each organized as an Open 
Space event, and every time the results 
‘are dramatic. Development moves for- 
ward in tectonic leaps—especially where 
disagreements (or potential ones) are on 
the floar. We've used the same technique 
with two VRM (vendor relationship 
management, ¢yberlaw.harvard.edu/ 
projectyrm/Main_Page) workshops 
so far, with the same results, So {'m 
a believer. 

Bult, that doesn't diminish my belief 
in the continuing need for traditional 
conferences. The market demands them, 
and many conference attendees don't 
want to participate in anything more 
demanding than Visiting booths and 
sitting in keynote and breakout sessions. 
‘And, vendors stil need places in the 
meet/meat world to show aff their stuff. 

‘At the time of this writing (une 2009), 
Wikipedia ists 32 Linux conferences, 
including OSCON and OpenSource World, 
‘Most are clearly by and for geek commu- 
nities. Scoop Nisker says If you don't like 
the news, go out and make some of your 
‘own. Same goes for conferences m 
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